Coverage Report

Created: 2024-07-27 06:36

/src/openssl/ssl/s3_lib.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4
 * Copyright 2005 Nokia. All rights reserved.
5
 *
6
 * Licensed under the Apache License 2.0 (the "License").  You may not use
7
 * this file except in compliance with the License.  You can obtain a copy
8
 * in the file LICENSE in the source distribution or at
9
 * https://www.openssl.org/source/license.html
10
 */
11
12
#include <stdio.h>
13
#include <openssl/objects.h>
14
#include "internal/nelem.h"
15
#include "ssl_local.h"
16
#include <openssl/md5.h>
17
#include <openssl/dh.h>
18
#include <openssl/rand.h>
19
#include <openssl/trace.h>
20
#include <openssl/x509v3.h>
21
#include <openssl/core_names.h>
22
#include "internal/cryptlib.h"
23
24
2
#define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
25
2
#define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)
26
2
#define SSL3_NUM_SCSVS          OSSL_NELEM(ssl3_scsvs)
27
28
/* TLSv1.3 downgrade protection sentinel values */
29
const unsigned char tls11downgrade[] = {
30
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
31
};
32
const unsigned char tls12downgrade[] = {
33
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
34
};
35
36
/* The list of available TLSv1.3 ciphers */
37
static SSL_CIPHER tls13_ciphers[] = {
38
    {
39
        1,
40
        TLS1_3_RFC_AES_128_GCM_SHA256,
41
        TLS1_3_RFC_AES_128_GCM_SHA256,
42
        TLS1_3_CK_AES_128_GCM_SHA256,
43
        SSL_kANY,
44
        SSL_aANY,
45
        SSL_AES128GCM,
46
        SSL_AEAD,
47
        TLS1_3_VERSION, TLS1_3_VERSION,
48
        0, 0,
49
        SSL_HIGH,
50
        SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
51
        128,
52
        128,
53
    }, {
54
        1,
55
        TLS1_3_RFC_AES_256_GCM_SHA384,
56
        TLS1_3_RFC_AES_256_GCM_SHA384,
57
        TLS1_3_CK_AES_256_GCM_SHA384,
58
        SSL_kANY,
59
        SSL_aANY,
60
        SSL_AES256GCM,
61
        SSL_AEAD,
62
        TLS1_3_VERSION, TLS1_3_VERSION,
63
        0, 0,
64
        SSL_HIGH,
65
        SSL_HANDSHAKE_MAC_SHA384 | SSL_QUIC,
66
        256,
67
        256,
68
    },
69
    {
70
        1,
71
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
72
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
73
        TLS1_3_CK_CHACHA20_POLY1305_SHA256,
74
        SSL_kANY,
75
        SSL_aANY,
76
        SSL_CHACHA20POLY1305,
77
        SSL_AEAD,
78
        TLS1_3_VERSION, TLS1_3_VERSION,
79
        0, 0,
80
        SSL_HIGH,
81
        SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
82
        256,
83
        256,
84
    },
85
    {
86
        1,
87
        TLS1_3_RFC_AES_128_CCM_SHA256,
88
        TLS1_3_RFC_AES_128_CCM_SHA256,
89
        TLS1_3_CK_AES_128_CCM_SHA256,
90
        SSL_kANY,
91
        SSL_aANY,
92
        SSL_AES128CCM,
93
        SSL_AEAD,
94
        TLS1_3_VERSION, TLS1_3_VERSION,
95
        0, 0,
96
        SSL_NOT_DEFAULT | SSL_HIGH,
97
        SSL_HANDSHAKE_MAC_SHA256,
98
        128,
99
        128,
100
    }, {
101
        1,
102
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
103
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
104
        TLS1_3_CK_AES_128_CCM_8_SHA256,
105
        SSL_kANY,
106
        SSL_aANY,
107
        SSL_AES128CCM8,
108
        SSL_AEAD,
109
        TLS1_3_VERSION, TLS1_3_VERSION,
110
        0, 0,
111
        SSL_NOT_DEFAULT | SSL_MEDIUM,
112
        SSL_HANDSHAKE_MAC_SHA256,
113
        64, /* CCM8 uses a short tag, so we have a low security strength */
114
        128,
115
    },
116
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
117
    {
118
        1,
119
        TLS1_3_RFC_SHA256_SHA256,
120
        TLS1_3_RFC_SHA256_SHA256,
121
        TLS1_3_CK_SHA256_SHA256,
122
        SSL_kANY,
123
        SSL_aANY,
124
        SSL_eNULL,
125
        SSL_SHA256,
126
        TLS1_3_VERSION, TLS1_3_VERSION,
127
        0, 0,
128
        SSL_NOT_DEFAULT | SSL_STRONG_NONE,
129
        SSL_HANDSHAKE_MAC_SHA256,
130
        0,
131
        256,
132
    }, {
133
        1,
134
        TLS1_3_RFC_SHA384_SHA384,
135
        TLS1_3_RFC_SHA384_SHA384,
136
        TLS1_3_CK_SHA384_SHA384,
137
        SSL_kANY,
138
        SSL_aANY,
139
        SSL_eNULL,
140
        SSL_SHA384,
141
        TLS1_3_VERSION, TLS1_3_VERSION,
142
        0, 0,
143
        SSL_NOT_DEFAULT | SSL_STRONG_NONE,
144
        SSL_HANDSHAKE_MAC_SHA384,
145
        0,
146
        384,
147
    },
148
#endif
149
};
150
151
/*
152
 * The list of available ciphers, mostly organized into the following
153
 * groups:
154
 *      Always there
155
 *      EC
156
 *      PSK
157
 *      SRP (within that: RSA EC PSK)
158
 *      Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
159
 *      Weak ciphers
160
 */
161
static SSL_CIPHER ssl3_ciphers[] = {
162
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
163
    {
164
     1,
165
     SSL3_TXT_RSA_NULL_MD5,
166
     SSL3_RFC_RSA_NULL_MD5,
167
     SSL3_CK_RSA_NULL_MD5,
168
     SSL_kRSA,
169
     SSL_aRSA,
170
     SSL_eNULL,
171
     SSL_MD5,
172
     SSL3_VERSION, TLS1_2_VERSION,
173
     DTLS1_BAD_VER, DTLS1_2_VERSION,
174
     SSL_STRONG_NONE,
175
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
176
     0,
177
     0,
178
     },
179
    {
180
     1,
181
     SSL3_TXT_RSA_NULL_SHA,
182
     SSL3_RFC_RSA_NULL_SHA,
183
     SSL3_CK_RSA_NULL_SHA,
184
     SSL_kRSA,
185
     SSL_aRSA,
186
     SSL_eNULL,
187
     SSL_SHA1,
188
     SSL3_VERSION, TLS1_2_VERSION,
189
     DTLS1_BAD_VER, DTLS1_2_VERSION,
190
     SSL_STRONG_NONE | SSL_FIPS,
191
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
192
     0,
193
     0,
194
     },
195
#endif
196
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
197
    {
198
     1,
199
     SSL3_TXT_RSA_DES_192_CBC3_SHA,
200
     SSL3_RFC_RSA_DES_192_CBC3_SHA,
201
     SSL3_CK_RSA_DES_192_CBC3_SHA,
202
     SSL_kRSA,
203
     SSL_aRSA,
204
     SSL_3DES,
205
     SSL_SHA1,
206
     SSL3_VERSION, TLS1_2_VERSION,
207
     DTLS1_BAD_VER, DTLS1_2_VERSION,
208
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
209
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
210
     112,
211
     168,
212
     },
213
    {
214
     1,
215
     SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
216
     SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
217
     SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
218
     SSL_kDHE,
219
     SSL_aDSS,
220
     SSL_3DES,
221
     SSL_SHA1,
222
     SSL3_VERSION, TLS1_2_VERSION,
223
     DTLS1_BAD_VER, DTLS1_2_VERSION,
224
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
225
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
226
     112,
227
     168,
228
     },
229
    {
230
     1,
231
     SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
232
     SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
233
     SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
234
     SSL_kDHE,
235
     SSL_aRSA,
236
     SSL_3DES,
237
     SSL_SHA1,
238
     SSL3_VERSION, TLS1_2_VERSION,
239
     DTLS1_BAD_VER, DTLS1_2_VERSION,
240
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
241
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
242
     112,
243
     168,
244
     },
245
    {
246
     1,
247
     SSL3_TXT_ADH_DES_192_CBC_SHA,
248
     SSL3_RFC_ADH_DES_192_CBC_SHA,
249
     SSL3_CK_ADH_DES_192_CBC_SHA,
250
     SSL_kDHE,
251
     SSL_aNULL,
252
     SSL_3DES,
253
     SSL_SHA1,
254
     SSL3_VERSION, TLS1_2_VERSION,
255
     DTLS1_BAD_VER, DTLS1_2_VERSION,
256
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
257
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
258
     112,
259
     168,
260
     },
261
#endif
262
    {
263
     1,
264
     TLS1_TXT_RSA_WITH_AES_128_SHA,
265
     TLS1_RFC_RSA_WITH_AES_128_SHA,
266
     TLS1_CK_RSA_WITH_AES_128_SHA,
267
     SSL_kRSA,
268
     SSL_aRSA,
269
     SSL_AES128,
270
     SSL_SHA1,
271
     SSL3_VERSION, TLS1_2_VERSION,
272
     DTLS1_BAD_VER, DTLS1_2_VERSION,
273
     SSL_HIGH | SSL_FIPS,
274
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
275
     128,
276
     128,
277
     },
278
    {
279
     1,
280
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
281
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
282
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
283
     SSL_kDHE,
284
     SSL_aDSS,
285
     SSL_AES128,
286
     SSL_SHA1,
287
     SSL3_VERSION, TLS1_2_VERSION,
288
     DTLS1_BAD_VER, DTLS1_2_VERSION,
289
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
290
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
291
     128,
292
     128,
293
     },
294
    {
295
     1,
296
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
297
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
298
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
299
     SSL_kDHE,
300
     SSL_aRSA,
301
     SSL_AES128,
302
     SSL_SHA1,
303
     SSL3_VERSION, TLS1_2_VERSION,
304
     DTLS1_BAD_VER, DTLS1_2_VERSION,
305
     SSL_HIGH | SSL_FIPS,
306
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
307
     128,
308
     128,
309
     },
310
    {
311
     1,
312
     TLS1_TXT_ADH_WITH_AES_128_SHA,
313
     TLS1_RFC_ADH_WITH_AES_128_SHA,
314
     TLS1_CK_ADH_WITH_AES_128_SHA,
315
     SSL_kDHE,
316
     SSL_aNULL,
317
     SSL_AES128,
318
     SSL_SHA1,
319
     SSL3_VERSION, TLS1_2_VERSION,
320
     DTLS1_BAD_VER, DTLS1_2_VERSION,
321
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
322
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
323
     128,
324
     128,
325
     },
326
    {
327
     1,
328
     TLS1_TXT_RSA_WITH_AES_256_SHA,
329
     TLS1_RFC_RSA_WITH_AES_256_SHA,
330
     TLS1_CK_RSA_WITH_AES_256_SHA,
331
     SSL_kRSA,
332
     SSL_aRSA,
333
     SSL_AES256,
334
     SSL_SHA1,
335
     SSL3_VERSION, TLS1_2_VERSION,
336
     DTLS1_BAD_VER, DTLS1_2_VERSION,
337
     SSL_HIGH | SSL_FIPS,
338
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
339
     256,
340
     256,
341
     },
342
    {
343
     1,
344
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
345
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
346
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
347
     SSL_kDHE,
348
     SSL_aDSS,
349
     SSL_AES256,
350
     SSL_SHA1,
351
     SSL3_VERSION, TLS1_2_VERSION,
352
     DTLS1_BAD_VER, DTLS1_2_VERSION,
353
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
354
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
355
     256,
356
     256,
357
     },
358
    {
359
     1,
360
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
361
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
362
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
363
     SSL_kDHE,
364
     SSL_aRSA,
365
     SSL_AES256,
366
     SSL_SHA1,
367
     SSL3_VERSION, TLS1_2_VERSION,
368
     DTLS1_BAD_VER, DTLS1_2_VERSION,
369
     SSL_HIGH | SSL_FIPS,
370
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
371
     256,
372
     256,
373
     },
374
    {
375
     1,
376
     TLS1_TXT_ADH_WITH_AES_256_SHA,
377
     TLS1_RFC_ADH_WITH_AES_256_SHA,
378
     TLS1_CK_ADH_WITH_AES_256_SHA,
379
     SSL_kDHE,
380
     SSL_aNULL,
381
     SSL_AES256,
382
     SSL_SHA1,
383
     SSL3_VERSION, TLS1_2_VERSION,
384
     DTLS1_BAD_VER, DTLS1_2_VERSION,
385
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
386
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
387
     256,
388
     256,
389
     },
390
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
391
    {
392
     1,
393
     TLS1_TXT_RSA_WITH_NULL_SHA256,
394
     TLS1_RFC_RSA_WITH_NULL_SHA256,
395
     TLS1_CK_RSA_WITH_NULL_SHA256,
396
     SSL_kRSA,
397
     SSL_aRSA,
398
     SSL_eNULL,
399
     SSL_SHA256,
400
     TLS1_2_VERSION, TLS1_2_VERSION,
401
     DTLS1_2_VERSION, DTLS1_2_VERSION,
402
     SSL_STRONG_NONE | SSL_FIPS,
403
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
404
     0,
405
     0,
406
     },
407
#endif
408
    {
409
     1,
410
     TLS1_TXT_RSA_WITH_AES_128_SHA256,
411
     TLS1_RFC_RSA_WITH_AES_128_SHA256,
412
     TLS1_CK_RSA_WITH_AES_128_SHA256,
413
     SSL_kRSA,
414
     SSL_aRSA,
415
     SSL_AES128,
416
     SSL_SHA256,
417
     TLS1_2_VERSION, TLS1_2_VERSION,
418
     DTLS1_2_VERSION, DTLS1_2_VERSION,
419
     SSL_HIGH | SSL_FIPS,
420
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
421
     128,
422
     128,
423
     },
424
    {
425
     1,
426
     TLS1_TXT_RSA_WITH_AES_256_SHA256,
427
     TLS1_RFC_RSA_WITH_AES_256_SHA256,
428
     TLS1_CK_RSA_WITH_AES_256_SHA256,
429
     SSL_kRSA,
430
     SSL_aRSA,
431
     SSL_AES256,
432
     SSL_SHA256,
433
     TLS1_2_VERSION, TLS1_2_VERSION,
434
     DTLS1_2_VERSION, DTLS1_2_VERSION,
435
     SSL_HIGH | SSL_FIPS,
436
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
437
     256,
438
     256,
439
     },
440
    {
441
     1,
442
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
443
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
444
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
445
     SSL_kDHE,
446
     SSL_aDSS,
447
     SSL_AES128,
448
     SSL_SHA256,
449
     TLS1_2_VERSION, TLS1_2_VERSION,
450
     DTLS1_2_VERSION, DTLS1_2_VERSION,
451
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
452
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
453
     128,
454
     128,
455
     },
456
    {
457
     1,
458
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
459
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
460
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
461
     SSL_kDHE,
462
     SSL_aRSA,
463
     SSL_AES128,
464
     SSL_SHA256,
465
     TLS1_2_VERSION, TLS1_2_VERSION,
466
     DTLS1_2_VERSION, DTLS1_2_VERSION,
467
     SSL_HIGH | SSL_FIPS,
468
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
469
     128,
470
     128,
471
     },
472
    {
473
     1,
474
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
475
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
476
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
477
     SSL_kDHE,
478
     SSL_aDSS,
479
     SSL_AES256,
480
     SSL_SHA256,
481
     TLS1_2_VERSION, TLS1_2_VERSION,
482
     DTLS1_2_VERSION, DTLS1_2_VERSION,
483
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
484
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
485
     256,
486
     256,
487
     },
488
    {
489
     1,
490
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
491
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
492
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
493
     SSL_kDHE,
494
     SSL_aRSA,
495
     SSL_AES256,
496
     SSL_SHA256,
497
     TLS1_2_VERSION, TLS1_2_VERSION,
498
     DTLS1_2_VERSION, DTLS1_2_VERSION,
499
     SSL_HIGH | SSL_FIPS,
500
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
501
     256,
502
     256,
503
     },
504
    {
505
     1,
506
     TLS1_TXT_ADH_WITH_AES_128_SHA256,
507
     TLS1_RFC_ADH_WITH_AES_128_SHA256,
508
     TLS1_CK_ADH_WITH_AES_128_SHA256,
509
     SSL_kDHE,
510
     SSL_aNULL,
511
     SSL_AES128,
512
     SSL_SHA256,
513
     TLS1_2_VERSION, TLS1_2_VERSION,
514
     DTLS1_2_VERSION, DTLS1_2_VERSION,
515
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
516
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
517
     128,
518
     128,
519
     },
520
    {
521
     1,
522
     TLS1_TXT_ADH_WITH_AES_256_SHA256,
523
     TLS1_RFC_ADH_WITH_AES_256_SHA256,
524
     TLS1_CK_ADH_WITH_AES_256_SHA256,
525
     SSL_kDHE,
526
     SSL_aNULL,
527
     SSL_AES256,
528
     SSL_SHA256,
529
     TLS1_2_VERSION, TLS1_2_VERSION,
530
     DTLS1_2_VERSION, DTLS1_2_VERSION,
531
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
532
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
533
     256,
534
     256,
535
     },
536
    {
537
     1,
538
     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
539
     TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
540
     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
541
     SSL_kRSA,
542
     SSL_aRSA,
543
     SSL_AES128GCM,
544
     SSL_AEAD,
545
     TLS1_2_VERSION, TLS1_2_VERSION,
546
     DTLS1_2_VERSION, DTLS1_2_VERSION,
547
     SSL_HIGH | SSL_FIPS,
548
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
549
     128,
550
     128,
551
     },
552
    {
553
     1,
554
     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
555
     TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
556
     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
557
     SSL_kRSA,
558
     SSL_aRSA,
559
     SSL_AES256GCM,
560
     SSL_AEAD,
561
     TLS1_2_VERSION, TLS1_2_VERSION,
562
     DTLS1_2_VERSION, DTLS1_2_VERSION,
563
     SSL_HIGH | SSL_FIPS,
564
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
565
     256,
566
     256,
567
     },
568
    {
569
     1,
570
     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
571
     TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
572
     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
573
     SSL_kDHE,
574
     SSL_aRSA,
575
     SSL_AES128GCM,
576
     SSL_AEAD,
577
     TLS1_2_VERSION, TLS1_2_VERSION,
578
     DTLS1_2_VERSION, DTLS1_2_VERSION,
579
     SSL_HIGH | SSL_FIPS,
580
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
581
     128,
582
     128,
583
     },
584
    {
585
     1,
586
     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
587
     TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
588
     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
589
     SSL_kDHE,
590
     SSL_aRSA,
591
     SSL_AES256GCM,
592
     SSL_AEAD,
593
     TLS1_2_VERSION, TLS1_2_VERSION,
594
     DTLS1_2_VERSION, DTLS1_2_VERSION,
595
     SSL_HIGH | SSL_FIPS,
596
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
597
     256,
598
     256,
599
     },
600
    {
601
     1,
602
     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
603
     TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
604
     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
605
     SSL_kDHE,
606
     SSL_aDSS,
607
     SSL_AES128GCM,
608
     SSL_AEAD,
609
     TLS1_2_VERSION, TLS1_2_VERSION,
610
     DTLS1_2_VERSION, DTLS1_2_VERSION,
611
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
612
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
613
     128,
614
     128,
615
     },
616
    {
617
     1,
618
     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
619
     TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
620
     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
621
     SSL_kDHE,
622
     SSL_aDSS,
623
     SSL_AES256GCM,
624
     SSL_AEAD,
625
     TLS1_2_VERSION, TLS1_2_VERSION,
626
     DTLS1_2_VERSION, DTLS1_2_VERSION,
627
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
628
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
629
     256,
630
     256,
631
     },
632
    {
633
     1,
634
     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
635
     TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
636
     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
637
     SSL_kDHE,
638
     SSL_aNULL,
639
     SSL_AES128GCM,
640
     SSL_AEAD,
641
     TLS1_2_VERSION, TLS1_2_VERSION,
642
     DTLS1_2_VERSION, DTLS1_2_VERSION,
643
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
644
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
645
     128,
646
     128,
647
     },
648
    {
649
     1,
650
     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
651
     TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
652
     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
653
     SSL_kDHE,
654
     SSL_aNULL,
655
     SSL_AES256GCM,
656
     SSL_AEAD,
657
     TLS1_2_VERSION, TLS1_2_VERSION,
658
     DTLS1_2_VERSION, DTLS1_2_VERSION,
659
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
660
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
661
     256,
662
     256,
663
     },
664
    {
665
     1,
666
     TLS1_TXT_RSA_WITH_AES_128_CCM,
667
     TLS1_RFC_RSA_WITH_AES_128_CCM,
668
     TLS1_CK_RSA_WITH_AES_128_CCM,
669
     SSL_kRSA,
670
     SSL_aRSA,
671
     SSL_AES128CCM,
672
     SSL_AEAD,
673
     TLS1_2_VERSION, TLS1_2_VERSION,
674
     DTLS1_2_VERSION, DTLS1_2_VERSION,
675
     SSL_NOT_DEFAULT | SSL_HIGH,
676
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
677
     128,
678
     128,
679
     },
680
    {
681
     1,
682
     TLS1_TXT_RSA_WITH_AES_256_CCM,
683
     TLS1_RFC_RSA_WITH_AES_256_CCM,
684
     TLS1_CK_RSA_WITH_AES_256_CCM,
685
     SSL_kRSA,
686
     SSL_aRSA,
687
     SSL_AES256CCM,
688
     SSL_AEAD,
689
     TLS1_2_VERSION, TLS1_2_VERSION,
690
     DTLS1_2_VERSION, DTLS1_2_VERSION,
691
     SSL_NOT_DEFAULT | SSL_HIGH,
692
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
693
     256,
694
     256,
695
     },
696
    {
697
     1,
698
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
699
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
700
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
701
     SSL_kDHE,
702
     SSL_aRSA,
703
     SSL_AES128CCM,
704
     SSL_AEAD,
705
     TLS1_2_VERSION, TLS1_2_VERSION,
706
     DTLS1_2_VERSION, DTLS1_2_VERSION,
707
     SSL_NOT_DEFAULT | SSL_HIGH,
708
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
709
     128,
710
     128,
711
     },
712
    {
713
     1,
714
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
715
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
716
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
717
     SSL_kDHE,
718
     SSL_aRSA,
719
     SSL_AES256CCM,
720
     SSL_AEAD,
721
     TLS1_2_VERSION, TLS1_2_VERSION,
722
     DTLS1_2_VERSION, DTLS1_2_VERSION,
723
     SSL_NOT_DEFAULT | SSL_HIGH,
724
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
725
     256,
726
     256,
727
     },
728
    {
729
     1,
730
     TLS1_TXT_RSA_WITH_AES_128_CCM_8,
731
     TLS1_RFC_RSA_WITH_AES_128_CCM_8,
732
     TLS1_CK_RSA_WITH_AES_128_CCM_8,
733
     SSL_kRSA,
734
     SSL_aRSA,
735
     SSL_AES128CCM8,
736
     SSL_AEAD,
737
     TLS1_2_VERSION, TLS1_2_VERSION,
738
     DTLS1_2_VERSION, DTLS1_2_VERSION,
739
     SSL_NOT_DEFAULT | SSL_MEDIUM,
740
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
741
     64, /* CCM8 uses a short tag, so we have a low security strength */
742
     128,
743
     },
744
    {
745
     1,
746
     TLS1_TXT_RSA_WITH_AES_256_CCM_8,
747
     TLS1_RFC_RSA_WITH_AES_256_CCM_8,
748
     TLS1_CK_RSA_WITH_AES_256_CCM_8,
749
     SSL_kRSA,
750
     SSL_aRSA,
751
     SSL_AES256CCM8,
752
     SSL_AEAD,
753
     TLS1_2_VERSION, TLS1_2_VERSION,
754
     DTLS1_2_VERSION, DTLS1_2_VERSION,
755
     SSL_NOT_DEFAULT | SSL_MEDIUM,
756
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
757
     64, /* CCM8 uses a short tag, so we have a low security strength */
758
     256,
759
     },
760
    {
761
     1,
762
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
763
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
764
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
765
     SSL_kDHE,
766
     SSL_aRSA,
767
     SSL_AES128CCM8,
768
     SSL_AEAD,
769
     TLS1_2_VERSION, TLS1_2_VERSION,
770
     DTLS1_2_VERSION, DTLS1_2_VERSION,
771
     SSL_NOT_DEFAULT | SSL_MEDIUM,
772
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
773
     64, /* CCM8 uses a short tag, so we have a low security strength */
774
     128,
775
     },
776
    {
777
     1,
778
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
779
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
780
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
781
     SSL_kDHE,
782
     SSL_aRSA,
783
     SSL_AES256CCM8,
784
     SSL_AEAD,
785
     TLS1_2_VERSION, TLS1_2_VERSION,
786
     DTLS1_2_VERSION, DTLS1_2_VERSION,
787
     SSL_NOT_DEFAULT | SSL_MEDIUM,
788
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
789
     64, /* CCM8 uses a short tag, so we have a low security strength */
790
     256,
791
     },
792
    {
793
     1,
794
     TLS1_TXT_PSK_WITH_AES_128_CCM,
795
     TLS1_RFC_PSK_WITH_AES_128_CCM,
796
     TLS1_CK_PSK_WITH_AES_128_CCM,
797
     SSL_kPSK,
798
     SSL_aPSK,
799
     SSL_AES128CCM,
800
     SSL_AEAD,
801
     TLS1_2_VERSION, TLS1_2_VERSION,
802
     DTLS1_2_VERSION, DTLS1_2_VERSION,
803
     SSL_NOT_DEFAULT | SSL_HIGH,
804
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
805
     128,
806
     128,
807
     },
808
    {
809
     1,
810
     TLS1_TXT_PSK_WITH_AES_256_CCM,
811
     TLS1_RFC_PSK_WITH_AES_256_CCM,
812
     TLS1_CK_PSK_WITH_AES_256_CCM,
813
     SSL_kPSK,
814
     SSL_aPSK,
815
     SSL_AES256CCM,
816
     SSL_AEAD,
817
     TLS1_2_VERSION, TLS1_2_VERSION,
818
     DTLS1_2_VERSION, DTLS1_2_VERSION,
819
     SSL_NOT_DEFAULT | SSL_HIGH,
820
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
821
     256,
822
     256,
823
     },
824
    {
825
     1,
826
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
827
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
828
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
829
     SSL_kDHEPSK,
830
     SSL_aPSK,
831
     SSL_AES128CCM,
832
     SSL_AEAD,
833
     TLS1_2_VERSION, TLS1_2_VERSION,
834
     DTLS1_2_VERSION, DTLS1_2_VERSION,
835
     SSL_NOT_DEFAULT | SSL_HIGH,
836
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
837
     128,
838
     128,
839
     },
840
    {
841
     1,
842
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
843
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
844
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
845
     SSL_kDHEPSK,
846
     SSL_aPSK,
847
     SSL_AES256CCM,
848
     SSL_AEAD,
849
     TLS1_2_VERSION, TLS1_2_VERSION,
850
     DTLS1_2_VERSION, DTLS1_2_VERSION,
851
     SSL_NOT_DEFAULT | SSL_HIGH,
852
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
853
     256,
854
     256,
855
     },
856
    {
857
     1,
858
     TLS1_TXT_PSK_WITH_AES_128_CCM_8,
859
     TLS1_RFC_PSK_WITH_AES_128_CCM_8,
860
     TLS1_CK_PSK_WITH_AES_128_CCM_8,
861
     SSL_kPSK,
862
     SSL_aPSK,
863
     SSL_AES128CCM8,
864
     SSL_AEAD,
865
     TLS1_2_VERSION, TLS1_2_VERSION,
866
     DTLS1_2_VERSION, DTLS1_2_VERSION,
867
     SSL_NOT_DEFAULT | SSL_MEDIUM,
868
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
869
     64, /* CCM8 uses a short tag, so we have a low security strength */
870
     128,
871
     },
872
    {
873
     1,
874
     TLS1_TXT_PSK_WITH_AES_256_CCM_8,
875
     TLS1_RFC_PSK_WITH_AES_256_CCM_8,
876
     TLS1_CK_PSK_WITH_AES_256_CCM_8,
877
     SSL_kPSK,
878
     SSL_aPSK,
879
     SSL_AES256CCM8,
880
     SSL_AEAD,
881
     TLS1_2_VERSION, TLS1_2_VERSION,
882
     DTLS1_2_VERSION, DTLS1_2_VERSION,
883
     SSL_NOT_DEFAULT | SSL_MEDIUM,
884
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
885
     64, /* CCM8 uses a short tag, so we have a low security strength */
886
     256,
887
     },
888
    {
889
     1,
890
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
891
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
892
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
893
     SSL_kDHEPSK,
894
     SSL_aPSK,
895
     SSL_AES128CCM8,
896
     SSL_AEAD,
897
     TLS1_2_VERSION, TLS1_2_VERSION,
898
     DTLS1_2_VERSION, DTLS1_2_VERSION,
899
     SSL_NOT_DEFAULT | SSL_MEDIUM,
900
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
901
     64, /* CCM8 uses a short tag, so we have a low security strength */
902
     128,
903
     },
904
    {
905
     1,
906
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
907
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
908
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
909
     SSL_kDHEPSK,
910
     SSL_aPSK,
911
     SSL_AES256CCM8,
912
     SSL_AEAD,
913
     TLS1_2_VERSION, TLS1_2_VERSION,
914
     DTLS1_2_VERSION, DTLS1_2_VERSION,
915
     SSL_NOT_DEFAULT | SSL_MEDIUM,
916
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
917
     64, /* CCM8 uses a short tag, so we have a low security strength */
918
     256,
919
     },
920
    {
921
     1,
922
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
923
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
924
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
925
     SSL_kECDHE,
926
     SSL_aECDSA,
927
     SSL_AES128CCM,
928
     SSL_AEAD,
929
     TLS1_2_VERSION, TLS1_2_VERSION,
930
     DTLS1_2_VERSION, DTLS1_2_VERSION,
931
     SSL_NOT_DEFAULT | SSL_HIGH,
932
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
933
     128,
934
     128,
935
     },
936
    {
937
     1,
938
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
939
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
940
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
941
     SSL_kECDHE,
942
     SSL_aECDSA,
943
     SSL_AES256CCM,
944
     SSL_AEAD,
945
     TLS1_2_VERSION, TLS1_2_VERSION,
946
     DTLS1_2_VERSION, DTLS1_2_VERSION,
947
     SSL_NOT_DEFAULT | SSL_HIGH,
948
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
949
     256,
950
     256,
951
     },
952
    {
953
     1,
954
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
955
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
956
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
957
     SSL_kECDHE,
958
     SSL_aECDSA,
959
     SSL_AES128CCM8,
960
     SSL_AEAD,
961
     TLS1_2_VERSION, TLS1_2_VERSION,
962
     DTLS1_2_VERSION, DTLS1_2_VERSION,
963
     SSL_NOT_DEFAULT | SSL_MEDIUM,
964
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
965
     64, /* CCM8 uses a short tag, so we have a low security strength */
966
     128,
967
     },
968
    {
969
     1,
970
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
971
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
972
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
973
     SSL_kECDHE,
974
     SSL_aECDSA,
975
     SSL_AES256CCM8,
976
     SSL_AEAD,
977
     TLS1_2_VERSION, TLS1_2_VERSION,
978
     DTLS1_2_VERSION, DTLS1_2_VERSION,
979
     SSL_NOT_DEFAULT | SSL_MEDIUM,
980
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
981
     64, /* CCM8 uses a short tag, so we have a low security strength */
982
     256,
983
     },
984
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
985
    {
986
     1,
987
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
988
     TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
989
     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
990
     SSL_kECDHE,
991
     SSL_aECDSA,
992
     SSL_eNULL,
993
     SSL_SHA1,
994
     TLS1_VERSION, TLS1_2_VERSION,
995
     DTLS1_BAD_VER, DTLS1_2_VERSION,
996
     SSL_STRONG_NONE | SSL_FIPS,
997
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
998
     0,
999
     0,
1000
     },
1001
#endif
1002
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1003
    {
1004
     1,
1005
     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1006
     TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1007
     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1008
     SSL_kECDHE,
1009
     SSL_aECDSA,
1010
     SSL_3DES,
1011
     SSL_SHA1,
1012
     TLS1_VERSION, TLS1_2_VERSION,
1013
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1014
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1015
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1016
     112,
1017
     168,
1018
     },
1019
# endif
1020
    {
1021
     1,
1022
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1023
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1024
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1025
     SSL_kECDHE,
1026
     SSL_aECDSA,
1027
     SSL_AES128,
1028
     SSL_SHA1,
1029
     TLS1_VERSION, TLS1_2_VERSION,
1030
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1031
     SSL_HIGH | SSL_FIPS,
1032
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1033
     128,
1034
     128,
1035
     },
1036
    {
1037
     1,
1038
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1039
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1040
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1041
     SSL_kECDHE,
1042
     SSL_aECDSA,
1043
     SSL_AES256,
1044
     SSL_SHA1,
1045
     TLS1_VERSION, TLS1_2_VERSION,
1046
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1047
     SSL_HIGH | SSL_FIPS,
1048
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1049
     256,
1050
     256,
1051
     },
1052
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1053
    {
1054
     1,
1055
     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1056
     TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1057
     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1058
     SSL_kECDHE,
1059
     SSL_aRSA,
1060
     SSL_eNULL,
1061
     SSL_SHA1,
1062
     TLS1_VERSION, TLS1_2_VERSION,
1063
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1064
     SSL_STRONG_NONE | SSL_FIPS,
1065
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1066
     0,
1067
     0,
1068
     },
1069
#endif
1070
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1071
    {
1072
     1,
1073
     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1074
     TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1075
     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1076
     SSL_kECDHE,
1077
     SSL_aRSA,
1078
     SSL_3DES,
1079
     SSL_SHA1,
1080
     TLS1_VERSION, TLS1_2_VERSION,
1081
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1082
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1083
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1084
     112,
1085
     168,
1086
     },
1087
# endif
1088
    {
1089
     1,
1090
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1091
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1092
     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1093
     SSL_kECDHE,
1094
     SSL_aRSA,
1095
     SSL_AES128,
1096
     SSL_SHA1,
1097
     TLS1_VERSION, TLS1_2_VERSION,
1098
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1099
     SSL_HIGH | SSL_FIPS,
1100
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1101
     128,
1102
     128,
1103
     },
1104
    {
1105
     1,
1106
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1107
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1108
     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1109
     SSL_kECDHE,
1110
     SSL_aRSA,
1111
     SSL_AES256,
1112
     SSL_SHA1,
1113
     TLS1_VERSION, TLS1_2_VERSION,
1114
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1115
     SSL_HIGH | SSL_FIPS,
1116
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1117
     256,
1118
     256,
1119
     },
1120
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1121
    {
1122
     1,
1123
     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1124
     TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1125
     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1126
     SSL_kECDHE,
1127
     SSL_aNULL,
1128
     SSL_eNULL,
1129
     SSL_SHA1,
1130
     TLS1_VERSION, TLS1_2_VERSION,
1131
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1132
     SSL_STRONG_NONE | SSL_FIPS,
1133
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1134
     0,
1135
     0,
1136
     },
1137
#endif
1138
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1139
    {
1140
     1,
1141
     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1142
     TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1143
     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1144
     SSL_kECDHE,
1145
     SSL_aNULL,
1146
     SSL_3DES,
1147
     SSL_SHA1,
1148
     TLS1_VERSION, TLS1_2_VERSION,
1149
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1150
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1151
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1152
     112,
1153
     168,
1154
     },
1155
# endif
1156
    {
1157
     1,
1158
     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1159
     TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1160
     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1161
     SSL_kECDHE,
1162
     SSL_aNULL,
1163
     SSL_AES128,
1164
     SSL_SHA1,
1165
     TLS1_VERSION, TLS1_2_VERSION,
1166
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1167
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1168
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1169
     128,
1170
     128,
1171
     },
1172
    {
1173
     1,
1174
     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1175
     TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1176
     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1177
     SSL_kECDHE,
1178
     SSL_aNULL,
1179
     SSL_AES256,
1180
     SSL_SHA1,
1181
     TLS1_VERSION, TLS1_2_VERSION,
1182
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1183
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1184
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1185
     256,
1186
     256,
1187
     },
1188
    {
1189
     1,
1190
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1191
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1192
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1193
     SSL_kECDHE,
1194
     SSL_aECDSA,
1195
     SSL_AES128,
1196
     SSL_SHA256,
1197
     TLS1_2_VERSION, TLS1_2_VERSION,
1198
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1199
     SSL_HIGH | SSL_FIPS,
1200
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1201
     128,
1202
     128,
1203
     },
1204
    {
1205
     1,
1206
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1207
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1208
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1209
     SSL_kECDHE,
1210
     SSL_aECDSA,
1211
     SSL_AES256,
1212
     SSL_SHA384,
1213
     TLS1_2_VERSION, TLS1_2_VERSION,
1214
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1215
     SSL_HIGH | SSL_FIPS,
1216
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1217
     256,
1218
     256,
1219
     },
1220
    {
1221
     1,
1222
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1223
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1224
     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1225
     SSL_kECDHE,
1226
     SSL_aRSA,
1227
     SSL_AES128,
1228
     SSL_SHA256,
1229
     TLS1_2_VERSION, TLS1_2_VERSION,
1230
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1231
     SSL_HIGH | SSL_FIPS,
1232
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1233
     128,
1234
     128,
1235
     },
1236
    {
1237
     1,
1238
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1239
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1240
     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1241
     SSL_kECDHE,
1242
     SSL_aRSA,
1243
     SSL_AES256,
1244
     SSL_SHA384,
1245
     TLS1_2_VERSION, TLS1_2_VERSION,
1246
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1247
     SSL_HIGH | SSL_FIPS,
1248
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1249
     256,
1250
     256,
1251
     },
1252
    {
1253
     1,
1254
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1255
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1256
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1257
     SSL_kECDHE,
1258
     SSL_aECDSA,
1259
     SSL_AES128GCM,
1260
     SSL_AEAD,
1261
     TLS1_2_VERSION, TLS1_2_VERSION,
1262
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1263
     SSL_HIGH | SSL_FIPS,
1264
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1265
     128,
1266
     128,
1267
     },
1268
    {
1269
     1,
1270
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1271
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1272
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1273
     SSL_kECDHE,
1274
     SSL_aECDSA,
1275
     SSL_AES256GCM,
1276
     SSL_AEAD,
1277
     TLS1_2_VERSION, TLS1_2_VERSION,
1278
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1279
     SSL_HIGH | SSL_FIPS,
1280
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1281
     256,
1282
     256,
1283
     },
1284
    {
1285
     1,
1286
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1287
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1288
     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1289
     SSL_kECDHE,
1290
     SSL_aRSA,
1291
     SSL_AES128GCM,
1292
     SSL_AEAD,
1293
     TLS1_2_VERSION, TLS1_2_VERSION,
1294
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1295
     SSL_HIGH | SSL_FIPS,
1296
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1297
     128,
1298
     128,
1299
     },
1300
    {
1301
     1,
1302
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1303
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1304
     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1305
     SSL_kECDHE,
1306
     SSL_aRSA,
1307
     SSL_AES256GCM,
1308
     SSL_AEAD,
1309
     TLS1_2_VERSION, TLS1_2_VERSION,
1310
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1311
     SSL_HIGH | SSL_FIPS,
1312
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1313
     256,
1314
     256,
1315
     },
1316
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1317
    {
1318
     1,
1319
     TLS1_TXT_PSK_WITH_NULL_SHA,
1320
     TLS1_RFC_PSK_WITH_NULL_SHA,
1321
     TLS1_CK_PSK_WITH_NULL_SHA,
1322
     SSL_kPSK,
1323
     SSL_aPSK,
1324
     SSL_eNULL,
1325
     SSL_SHA1,
1326
     SSL3_VERSION, TLS1_2_VERSION,
1327
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1328
     SSL_STRONG_NONE | SSL_FIPS,
1329
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1330
     0,
1331
     0,
1332
     },
1333
    {
1334
     1,
1335
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1336
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1337
     TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1338
     SSL_kDHEPSK,
1339
     SSL_aPSK,
1340
     SSL_eNULL,
1341
     SSL_SHA1,
1342
     SSL3_VERSION, TLS1_2_VERSION,
1343
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1344
     SSL_STRONG_NONE | SSL_FIPS,
1345
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1346
     0,
1347
     0,
1348
     },
1349
    {
1350
     1,
1351
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1352
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1353
     TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1354
     SSL_kRSAPSK,
1355
     SSL_aRSA,
1356
     SSL_eNULL,
1357
     SSL_SHA1,
1358
     SSL3_VERSION, TLS1_2_VERSION,
1359
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1360
     SSL_STRONG_NONE | SSL_FIPS,
1361
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1362
     0,
1363
     0,
1364
     },
1365
#endif
1366
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1367
    {
1368
     1,
1369
     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1370
     TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1371
     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1372
     SSL_kPSK,
1373
     SSL_aPSK,
1374
     SSL_3DES,
1375
     SSL_SHA1,
1376
     SSL3_VERSION, TLS1_2_VERSION,
1377
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1378
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1379
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1380
     112,
1381
     168,
1382
     },
1383
# endif
1384
    {
1385
     1,
1386
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1387
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1388
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1389
     SSL_kPSK,
1390
     SSL_aPSK,
1391
     SSL_AES128,
1392
     SSL_SHA1,
1393
     SSL3_VERSION, TLS1_2_VERSION,
1394
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1395
     SSL_HIGH | SSL_FIPS,
1396
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1397
     128,
1398
     128,
1399
     },
1400
    {
1401
     1,
1402
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1403
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1404
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1405
     SSL_kPSK,
1406
     SSL_aPSK,
1407
     SSL_AES256,
1408
     SSL_SHA1,
1409
     SSL3_VERSION, TLS1_2_VERSION,
1410
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1411
     SSL_HIGH | SSL_FIPS,
1412
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1413
     256,
1414
     256,
1415
     },
1416
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1417
    {
1418
     1,
1419
     TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1420
     TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1421
     TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1422
     SSL_kDHEPSK,
1423
     SSL_aPSK,
1424
     SSL_3DES,
1425
     SSL_SHA1,
1426
     SSL3_VERSION, TLS1_2_VERSION,
1427
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1428
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1429
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1430
     112,
1431
     168,
1432
     },
1433
# endif
1434
    {
1435
     1,
1436
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1437
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1438
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1439
     SSL_kDHEPSK,
1440
     SSL_aPSK,
1441
     SSL_AES128,
1442
     SSL_SHA1,
1443
     SSL3_VERSION, TLS1_2_VERSION,
1444
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1445
     SSL_HIGH | SSL_FIPS,
1446
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1447
     128,
1448
     128,
1449
     },
1450
    {
1451
     1,
1452
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1453
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1454
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1455
     SSL_kDHEPSK,
1456
     SSL_aPSK,
1457
     SSL_AES256,
1458
     SSL_SHA1,
1459
     SSL3_VERSION, TLS1_2_VERSION,
1460
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1461
     SSL_HIGH | SSL_FIPS,
1462
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1463
     256,
1464
     256,
1465
     },
1466
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1467
    {
1468
     1,
1469
     TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1470
     TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1471
     TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1472
     SSL_kRSAPSK,
1473
     SSL_aRSA,
1474
     SSL_3DES,
1475
     SSL_SHA1,
1476
     SSL3_VERSION, TLS1_2_VERSION,
1477
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1478
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1479
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1480
     112,
1481
     168,
1482
     },
1483
# endif
1484
    {
1485
     1,
1486
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1487
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1488
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1489
     SSL_kRSAPSK,
1490
     SSL_aRSA,
1491
     SSL_AES128,
1492
     SSL_SHA1,
1493
     SSL3_VERSION, TLS1_2_VERSION,
1494
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1495
     SSL_HIGH | SSL_FIPS,
1496
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1497
     128,
1498
     128,
1499
     },
1500
    {
1501
     1,
1502
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1503
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1504
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1505
     SSL_kRSAPSK,
1506
     SSL_aRSA,
1507
     SSL_AES256,
1508
     SSL_SHA1,
1509
     SSL3_VERSION, TLS1_2_VERSION,
1510
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1511
     SSL_HIGH | SSL_FIPS,
1512
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1513
     256,
1514
     256,
1515
     },
1516
    {
1517
     1,
1518
     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1519
     TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1520
     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1521
     SSL_kPSK,
1522
     SSL_aPSK,
1523
     SSL_AES128GCM,
1524
     SSL_AEAD,
1525
     TLS1_2_VERSION, TLS1_2_VERSION,
1526
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1527
     SSL_HIGH | SSL_FIPS,
1528
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1529
     128,
1530
     128,
1531
     },
1532
    {
1533
     1,
1534
     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1535
     TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1536
     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1537
     SSL_kPSK,
1538
     SSL_aPSK,
1539
     SSL_AES256GCM,
1540
     SSL_AEAD,
1541
     TLS1_2_VERSION, TLS1_2_VERSION,
1542
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1543
     SSL_HIGH | SSL_FIPS,
1544
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1545
     256,
1546
     256,
1547
     },
1548
    {
1549
     1,
1550
     TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1551
     TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1552
     TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1553
     SSL_kDHEPSK,
1554
     SSL_aPSK,
1555
     SSL_AES128GCM,
1556
     SSL_AEAD,
1557
     TLS1_2_VERSION, TLS1_2_VERSION,
1558
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1559
     SSL_HIGH | SSL_FIPS,
1560
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1561
     128,
1562
     128,
1563
     },
1564
    {
1565
     1,
1566
     TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1567
     TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1568
     TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1569
     SSL_kDHEPSK,
1570
     SSL_aPSK,
1571
     SSL_AES256GCM,
1572
     SSL_AEAD,
1573
     TLS1_2_VERSION, TLS1_2_VERSION,
1574
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1575
     SSL_HIGH | SSL_FIPS,
1576
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1577
     256,
1578
     256,
1579
     },
1580
    {
1581
     1,
1582
     TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1583
     TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1584
     TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1585
     SSL_kRSAPSK,
1586
     SSL_aRSA,
1587
     SSL_AES128GCM,
1588
     SSL_AEAD,
1589
     TLS1_2_VERSION, TLS1_2_VERSION,
1590
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1591
     SSL_HIGH | SSL_FIPS,
1592
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1593
     128,
1594
     128,
1595
     },
1596
    {
1597
     1,
1598
     TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1599
     TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1600
     TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1601
     SSL_kRSAPSK,
1602
     SSL_aRSA,
1603
     SSL_AES256GCM,
1604
     SSL_AEAD,
1605
     TLS1_2_VERSION, TLS1_2_VERSION,
1606
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1607
     SSL_HIGH | SSL_FIPS,
1608
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1609
     256,
1610
     256,
1611
     },
1612
    {
1613
     1,
1614
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1615
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1616
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1617
     SSL_kPSK,
1618
     SSL_aPSK,
1619
     SSL_AES128,
1620
     SSL_SHA256,
1621
     TLS1_VERSION, TLS1_2_VERSION,
1622
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1623
     SSL_HIGH | SSL_FIPS,
1624
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1625
     128,
1626
     128,
1627
     },
1628
    {
1629
     1,
1630
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1631
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1632
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1633
     SSL_kPSK,
1634
     SSL_aPSK,
1635
     SSL_AES256,
1636
     SSL_SHA384,
1637
     TLS1_VERSION, TLS1_2_VERSION,
1638
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1639
     SSL_HIGH | SSL_FIPS,
1640
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1641
     256,
1642
     256,
1643
     },
1644
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1645
    {
1646
     1,
1647
     TLS1_TXT_PSK_WITH_NULL_SHA256,
1648
     TLS1_RFC_PSK_WITH_NULL_SHA256,
1649
     TLS1_CK_PSK_WITH_NULL_SHA256,
1650
     SSL_kPSK,
1651
     SSL_aPSK,
1652
     SSL_eNULL,
1653
     SSL_SHA256,
1654
     TLS1_VERSION, TLS1_2_VERSION,
1655
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1656
     SSL_STRONG_NONE | SSL_FIPS,
1657
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1658
     0,
1659
     0,
1660
     },
1661
    {
1662
     1,
1663
     TLS1_TXT_PSK_WITH_NULL_SHA384,
1664
     TLS1_RFC_PSK_WITH_NULL_SHA384,
1665
     TLS1_CK_PSK_WITH_NULL_SHA384,
1666
     SSL_kPSK,
1667
     SSL_aPSK,
1668
     SSL_eNULL,
1669
     SSL_SHA384,
1670
     TLS1_VERSION, TLS1_2_VERSION,
1671
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1672
     SSL_STRONG_NONE | SSL_FIPS,
1673
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1674
     0,
1675
     0,
1676
     },
1677
#endif
1678
    {
1679
     1,
1680
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1681
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1682
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1683
     SSL_kDHEPSK,
1684
     SSL_aPSK,
1685
     SSL_AES128,
1686
     SSL_SHA256,
1687
     TLS1_VERSION, TLS1_2_VERSION,
1688
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1689
     SSL_HIGH | SSL_FIPS,
1690
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1691
     128,
1692
     128,
1693
     },
1694
    {
1695
     1,
1696
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1697
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1698
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1699
     SSL_kDHEPSK,
1700
     SSL_aPSK,
1701
     SSL_AES256,
1702
     SSL_SHA384,
1703
     TLS1_VERSION, TLS1_2_VERSION,
1704
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1705
     SSL_HIGH | SSL_FIPS,
1706
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1707
     256,
1708
     256,
1709
     },
1710
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1711
    {
1712
     1,
1713
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1714
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1715
     TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1716
     SSL_kDHEPSK,
1717
     SSL_aPSK,
1718
     SSL_eNULL,
1719
     SSL_SHA256,
1720
     TLS1_VERSION, TLS1_2_VERSION,
1721
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1722
     SSL_STRONG_NONE | SSL_FIPS,
1723
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1724
     0,
1725
     0,
1726
     },
1727
    {
1728
     1,
1729
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1730
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1731
     TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1732
     SSL_kDHEPSK,
1733
     SSL_aPSK,
1734
     SSL_eNULL,
1735
     SSL_SHA384,
1736
     TLS1_VERSION, TLS1_2_VERSION,
1737
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1738
     SSL_STRONG_NONE | SSL_FIPS,
1739
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1740
     0,
1741
     0,
1742
     },
1743
#endif
1744
    {
1745
     1,
1746
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1747
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1748
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1749
     SSL_kRSAPSK,
1750
     SSL_aRSA,
1751
     SSL_AES128,
1752
     SSL_SHA256,
1753
     TLS1_VERSION, TLS1_2_VERSION,
1754
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1755
     SSL_HIGH | SSL_FIPS,
1756
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1757
     128,
1758
     128,
1759
     },
1760
    {
1761
     1,
1762
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1763
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1764
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1765
     SSL_kRSAPSK,
1766
     SSL_aRSA,
1767
     SSL_AES256,
1768
     SSL_SHA384,
1769
     TLS1_VERSION, TLS1_2_VERSION,
1770
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1771
     SSL_HIGH | SSL_FIPS,
1772
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1773
     256,
1774
     256,
1775
     },
1776
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1777
    {
1778
     1,
1779
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1780
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1781
     TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1782
     SSL_kRSAPSK,
1783
     SSL_aRSA,
1784
     SSL_eNULL,
1785
     SSL_SHA256,
1786
     TLS1_VERSION, TLS1_2_VERSION,
1787
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1788
     SSL_STRONG_NONE | SSL_FIPS,
1789
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1790
     0,
1791
     0,
1792
     },
1793
    {
1794
     1,
1795
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1796
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1797
     TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1798
     SSL_kRSAPSK,
1799
     SSL_aRSA,
1800
     SSL_eNULL,
1801
     SSL_SHA384,
1802
     TLS1_VERSION, TLS1_2_VERSION,
1803
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1804
     SSL_STRONG_NONE | SSL_FIPS,
1805
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1806
     0,
1807
     0,
1808
     },
1809
#endif
1810
#  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1811
    {
1812
     1,
1813
     TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1814
     TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1815
     TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1816
     SSL_kECDHEPSK,
1817
     SSL_aPSK,
1818
     SSL_3DES,
1819
     SSL_SHA1,
1820
     TLS1_VERSION, TLS1_2_VERSION,
1821
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1822
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1823
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1824
     112,
1825
     168,
1826
     },
1827
#  endif
1828
    {
1829
     1,
1830
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1831
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1832
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1833
     SSL_kECDHEPSK,
1834
     SSL_aPSK,
1835
     SSL_AES128,
1836
     SSL_SHA1,
1837
     TLS1_VERSION, TLS1_2_VERSION,
1838
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1839
     SSL_HIGH | SSL_FIPS,
1840
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1841
     128,
1842
     128,
1843
     },
1844
    {
1845
     1,
1846
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1847
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1848
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1849
     SSL_kECDHEPSK,
1850
     SSL_aPSK,
1851
     SSL_AES256,
1852
     SSL_SHA1,
1853
     TLS1_VERSION, TLS1_2_VERSION,
1854
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1855
     SSL_HIGH | SSL_FIPS,
1856
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1857
     256,
1858
     256,
1859
     },
1860
    {
1861
     1,
1862
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1863
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1864
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1865
     SSL_kECDHEPSK,
1866
     SSL_aPSK,
1867
     SSL_AES128,
1868
     SSL_SHA256,
1869
     TLS1_VERSION, TLS1_2_VERSION,
1870
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1871
     SSL_HIGH | SSL_FIPS,
1872
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1873
     128,
1874
     128,
1875
     },
1876
    {
1877
     1,
1878
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1879
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1880
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1881
     SSL_kECDHEPSK,
1882
     SSL_aPSK,
1883
     SSL_AES256,
1884
     SSL_SHA384,
1885
     TLS1_VERSION, TLS1_2_VERSION,
1886
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1887
     SSL_HIGH | SSL_FIPS,
1888
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1889
     256,
1890
     256,
1891
     },
1892
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
1893
    {
1894
     1,
1895
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1896
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1897
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1898
     SSL_kECDHEPSK,
1899
     SSL_aPSK,
1900
     SSL_eNULL,
1901
     SSL_SHA1,
1902
     TLS1_VERSION, TLS1_2_VERSION,
1903
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1904
     SSL_STRONG_NONE | SSL_FIPS,
1905
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1906
     0,
1907
     0,
1908
     },
1909
    {
1910
     1,
1911
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1912
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1913
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1914
     SSL_kECDHEPSK,
1915
     SSL_aPSK,
1916
     SSL_eNULL,
1917
     SSL_SHA256,
1918
     TLS1_VERSION, TLS1_2_VERSION,
1919
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1920
     SSL_STRONG_NONE | SSL_FIPS,
1921
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1922
     0,
1923
     0,
1924
     },
1925
    {
1926
     1,
1927
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1928
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1929
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1930
     SSL_kECDHEPSK,
1931
     SSL_aPSK,
1932
     SSL_eNULL,
1933
     SSL_SHA384,
1934
     TLS1_VERSION, TLS1_2_VERSION,
1935
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1936
     SSL_STRONG_NONE | SSL_FIPS,
1937
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1938
     0,
1939
     0,
1940
     },
1941
#endif
1942
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1943
    {
1944
     1,
1945
     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1946
     TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1947
     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1948
     SSL_kSRP,
1949
     SSL_aSRP,
1950
     SSL_3DES,
1951
     SSL_SHA1,
1952
     SSL3_VERSION, TLS1_2_VERSION,
1953
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1954
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1955
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1956
     112,
1957
     168,
1958
     },
1959
    {
1960
     1,
1961
     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1962
     TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1963
     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1964
     SSL_kSRP,
1965
     SSL_aRSA,
1966
     SSL_3DES,
1967
     SSL_SHA1,
1968
     SSL3_VERSION, TLS1_2_VERSION,
1969
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1970
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1971
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1972
     112,
1973
     168,
1974
     },
1975
    {
1976
     1,
1977
     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1978
     TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1979
     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1980
     SSL_kSRP,
1981
     SSL_aDSS,
1982
     SSL_3DES,
1983
     SSL_SHA1,
1984
     SSL3_VERSION, TLS1_2_VERSION,
1985
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1986
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1987
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1988
     112,
1989
     168,
1990
     },
1991
# endif
1992
    {
1993
     1,
1994
     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1995
     TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1996
     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1997
     SSL_kSRP,
1998
     SSL_aSRP,
1999
     SSL_AES128,
2000
     SSL_SHA1,
2001
     SSL3_VERSION, TLS1_2_VERSION,
2002
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2003
     SSL_HIGH,
2004
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2005
     128,
2006
     128,
2007
     },
2008
    {
2009
     1,
2010
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2011
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2012
     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2013
     SSL_kSRP,
2014
     SSL_aRSA,
2015
     SSL_AES128,
2016
     SSL_SHA1,
2017
     SSL3_VERSION, TLS1_2_VERSION,
2018
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2019
     SSL_HIGH,
2020
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2021
     128,
2022
     128,
2023
     },
2024
    {
2025
     1,
2026
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2027
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2028
     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2029
     SSL_kSRP,
2030
     SSL_aDSS,
2031
     SSL_AES128,
2032
     SSL_SHA1,
2033
     SSL3_VERSION, TLS1_2_VERSION,
2034
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2035
     SSL_NOT_DEFAULT | SSL_HIGH,
2036
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2037
     128,
2038
     128,
2039
     },
2040
    {
2041
     1,
2042
     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2043
     TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
2044
     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2045
     SSL_kSRP,
2046
     SSL_aSRP,
2047
     SSL_AES256,
2048
     SSL_SHA1,
2049
     SSL3_VERSION, TLS1_2_VERSION,
2050
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2051
     SSL_HIGH,
2052
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2053
     256,
2054
     256,
2055
     },
2056
    {
2057
     1,
2058
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2059
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2060
     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2061
     SSL_kSRP,
2062
     SSL_aRSA,
2063
     SSL_AES256,
2064
     SSL_SHA1,
2065
     SSL3_VERSION, TLS1_2_VERSION,
2066
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2067
     SSL_HIGH,
2068
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2069
     256,
2070
     256,
2071
     },
2072
    {
2073
     1,
2074
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2075
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2076
     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2077
     SSL_kSRP,
2078
     SSL_aDSS,
2079
     SSL_AES256,
2080
     SSL_SHA1,
2081
     SSL3_VERSION, TLS1_2_VERSION,
2082
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2083
     SSL_NOT_DEFAULT | SSL_HIGH,
2084
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2085
     256,
2086
     256,
2087
     },
2088
2089
    {
2090
     1,
2091
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2092
     TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2093
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2094
     SSL_kDHE,
2095
     SSL_aRSA,
2096
     SSL_CHACHA20POLY1305,
2097
     SSL_AEAD,
2098
     TLS1_2_VERSION, TLS1_2_VERSION,
2099
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2100
     SSL_HIGH,
2101
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2102
     256,
2103
     256,
2104
     },
2105
    {
2106
     1,
2107
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2108
     TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2109
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2110
     SSL_kECDHE,
2111
     SSL_aRSA,
2112
     SSL_CHACHA20POLY1305,
2113
     SSL_AEAD,
2114
     TLS1_2_VERSION, TLS1_2_VERSION,
2115
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2116
     SSL_HIGH,
2117
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2118
     256,
2119
     256,
2120
     },
2121
    {
2122
     1,
2123
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2124
     TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2125
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2126
     SSL_kECDHE,
2127
     SSL_aECDSA,
2128
     SSL_CHACHA20POLY1305,
2129
     SSL_AEAD,
2130
     TLS1_2_VERSION, TLS1_2_VERSION,
2131
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2132
     SSL_HIGH,
2133
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2134
     256,
2135
     256,
2136
     },
2137
    {
2138
     1,
2139
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2140
     TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2141
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2142
     SSL_kPSK,
2143
     SSL_aPSK,
2144
     SSL_CHACHA20POLY1305,
2145
     SSL_AEAD,
2146
     TLS1_2_VERSION, TLS1_2_VERSION,
2147
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2148
     SSL_HIGH,
2149
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2150
     256,
2151
     256,
2152
     },
2153
    {
2154
     1,
2155
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2156
     TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2157
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2158
     SSL_kECDHEPSK,
2159
     SSL_aPSK,
2160
     SSL_CHACHA20POLY1305,
2161
     SSL_AEAD,
2162
     TLS1_2_VERSION, TLS1_2_VERSION,
2163
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2164
     SSL_HIGH,
2165
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2166
     256,
2167
     256,
2168
     },
2169
    {
2170
     1,
2171
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2172
     TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2173
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2174
     SSL_kDHEPSK,
2175
     SSL_aPSK,
2176
     SSL_CHACHA20POLY1305,
2177
     SSL_AEAD,
2178
     TLS1_2_VERSION, TLS1_2_VERSION,
2179
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2180
     SSL_HIGH,
2181
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2182
     256,
2183
     256,
2184
     },
2185
    {
2186
     1,
2187
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2188
     TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2189
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2190
     SSL_kRSAPSK,
2191
     SSL_aRSA,
2192
     SSL_CHACHA20POLY1305,
2193
     SSL_AEAD,
2194
     TLS1_2_VERSION, TLS1_2_VERSION,
2195
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2196
     SSL_HIGH,
2197
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2198
     256,
2199
     256,
2200
     },
2201
2202
    {
2203
     1,
2204
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2205
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2206
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2207
     SSL_kRSA,
2208
     SSL_aRSA,
2209
     SSL_CAMELLIA128,
2210
     SSL_SHA256,
2211
     TLS1_2_VERSION, TLS1_2_VERSION,
2212
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2213
     SSL_NOT_DEFAULT | SSL_HIGH,
2214
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2215
     128,
2216
     128,
2217
     },
2218
    {
2219
     1,
2220
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2221
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2222
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2223
     SSL_kDHE,
2224
     SSL_aDSS,
2225
     SSL_CAMELLIA128,
2226
     SSL_SHA256,
2227
     TLS1_2_VERSION, TLS1_2_VERSION,
2228
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2229
     SSL_NOT_DEFAULT | SSL_HIGH,
2230
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2231
     128,
2232
     128,
2233
     },
2234
    {
2235
     1,
2236
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2237
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2238
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2239
     SSL_kDHE,
2240
     SSL_aRSA,
2241
     SSL_CAMELLIA128,
2242
     SSL_SHA256,
2243
     TLS1_2_VERSION, TLS1_2_VERSION,
2244
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2245
     SSL_NOT_DEFAULT | SSL_HIGH,
2246
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2247
     128,
2248
     128,
2249
     },
2250
    {
2251
     1,
2252
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2253
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2254
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2255
     SSL_kDHE,
2256
     SSL_aNULL,
2257
     SSL_CAMELLIA128,
2258
     SSL_SHA256,
2259
     TLS1_2_VERSION, TLS1_2_VERSION,
2260
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2261
     SSL_NOT_DEFAULT | SSL_HIGH,
2262
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2263
     128,
2264
     128,
2265
     },
2266
    {
2267
     1,
2268
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2269
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2270
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2271
     SSL_kRSA,
2272
     SSL_aRSA,
2273
     SSL_CAMELLIA256,
2274
     SSL_SHA256,
2275
     TLS1_2_VERSION, TLS1_2_VERSION,
2276
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2277
     SSL_NOT_DEFAULT | SSL_HIGH,
2278
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2279
     256,
2280
     256,
2281
     },
2282
    {
2283
     1,
2284
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2285
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2286
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2287
     SSL_kDHE,
2288
     SSL_aDSS,
2289
     SSL_CAMELLIA256,
2290
     SSL_SHA256,
2291
     TLS1_2_VERSION, TLS1_2_VERSION,
2292
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2293
     SSL_NOT_DEFAULT | SSL_HIGH,
2294
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2295
     256,
2296
     256,
2297
     },
2298
    {
2299
     1,
2300
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2301
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2302
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2303
     SSL_kDHE,
2304
     SSL_aRSA,
2305
     SSL_CAMELLIA256,
2306
     SSL_SHA256,
2307
     TLS1_2_VERSION, TLS1_2_VERSION,
2308
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2309
     SSL_NOT_DEFAULT | SSL_HIGH,
2310
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2311
     256,
2312
     256,
2313
     },
2314
    {
2315
     1,
2316
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2317
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2318
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2319
     SSL_kDHE,
2320
     SSL_aNULL,
2321
     SSL_CAMELLIA256,
2322
     SSL_SHA256,
2323
     TLS1_2_VERSION, TLS1_2_VERSION,
2324
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2325
     SSL_NOT_DEFAULT | SSL_HIGH,
2326
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2327
     256,
2328
     256,
2329
     },
2330
    {
2331
     1,
2332
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2333
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2334
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2335
     SSL_kRSA,
2336
     SSL_aRSA,
2337
     SSL_CAMELLIA256,
2338
     SSL_SHA1,
2339
     SSL3_VERSION, TLS1_2_VERSION,
2340
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2341
     SSL_NOT_DEFAULT | SSL_HIGH,
2342
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2343
     256,
2344
     256,
2345
     },
2346
    {
2347
     1,
2348
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2349
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2350
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2351
     SSL_kDHE,
2352
     SSL_aDSS,
2353
     SSL_CAMELLIA256,
2354
     SSL_SHA1,
2355
     SSL3_VERSION, TLS1_2_VERSION,
2356
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2357
     SSL_NOT_DEFAULT | SSL_HIGH,
2358
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2359
     256,
2360
     256,
2361
     },
2362
    {
2363
     1,
2364
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2365
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2366
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2367
     SSL_kDHE,
2368
     SSL_aRSA,
2369
     SSL_CAMELLIA256,
2370
     SSL_SHA1,
2371
     SSL3_VERSION, TLS1_2_VERSION,
2372
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2373
     SSL_NOT_DEFAULT | SSL_HIGH,
2374
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2375
     256,
2376
     256,
2377
     },
2378
    {
2379
     1,
2380
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2381
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2382
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2383
     SSL_kDHE,
2384
     SSL_aNULL,
2385
     SSL_CAMELLIA256,
2386
     SSL_SHA1,
2387
     SSL3_VERSION, TLS1_2_VERSION,
2388
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2389
     SSL_NOT_DEFAULT | SSL_HIGH,
2390
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2391
     256,
2392
     256,
2393
     },
2394
    {
2395
     1,
2396
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2397
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2398
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2399
     SSL_kRSA,
2400
     SSL_aRSA,
2401
     SSL_CAMELLIA128,
2402
     SSL_SHA1,
2403
     SSL3_VERSION, TLS1_2_VERSION,
2404
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2405
     SSL_NOT_DEFAULT | SSL_HIGH,
2406
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2407
     128,
2408
     128,
2409
     },
2410
    {
2411
     1,
2412
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2413
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2414
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2415
     SSL_kDHE,
2416
     SSL_aDSS,
2417
     SSL_CAMELLIA128,
2418
     SSL_SHA1,
2419
     SSL3_VERSION, TLS1_2_VERSION,
2420
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2421
     SSL_NOT_DEFAULT | SSL_HIGH,
2422
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2423
     128,
2424
     128,
2425
     },
2426
    {
2427
     1,
2428
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2429
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2430
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2431
     SSL_kDHE,
2432
     SSL_aRSA,
2433
     SSL_CAMELLIA128,
2434
     SSL_SHA1,
2435
     SSL3_VERSION, TLS1_2_VERSION,
2436
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2437
     SSL_NOT_DEFAULT | SSL_HIGH,
2438
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2439
     128,
2440
     128,
2441
     },
2442
    {
2443
     1,
2444
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2445
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2446
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2447
     SSL_kDHE,
2448
     SSL_aNULL,
2449
     SSL_CAMELLIA128,
2450
     SSL_SHA1,
2451
     SSL3_VERSION, TLS1_2_VERSION,
2452
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2453
     SSL_NOT_DEFAULT | SSL_HIGH,
2454
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2455
     128,
2456
     128,
2457
     },
2458
    {
2459
     1,
2460
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2461
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2462
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2463
     SSL_kECDHE,
2464
     SSL_aECDSA,
2465
     SSL_CAMELLIA128,
2466
     SSL_SHA256,
2467
     TLS1_2_VERSION, TLS1_2_VERSION,
2468
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2469
     SSL_NOT_DEFAULT | SSL_HIGH,
2470
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2471
     128,
2472
     128,
2473
     },
2474
    {
2475
     1,
2476
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2477
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2478
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2479
     SSL_kECDHE,
2480
     SSL_aECDSA,
2481
     SSL_CAMELLIA256,
2482
     SSL_SHA384,
2483
     TLS1_2_VERSION, TLS1_2_VERSION,
2484
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2485
     SSL_NOT_DEFAULT | SSL_HIGH,
2486
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2487
     256,
2488
     256,
2489
     },
2490
    {
2491
     1,
2492
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2493
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2494
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2495
     SSL_kECDHE,
2496
     SSL_aRSA,
2497
     SSL_CAMELLIA128,
2498
     SSL_SHA256,
2499
     TLS1_2_VERSION, TLS1_2_VERSION,
2500
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2501
     SSL_NOT_DEFAULT | SSL_HIGH,
2502
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2503
     128,
2504
     128,
2505
     },
2506
    {
2507
     1,
2508
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2509
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2510
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2511
     SSL_kECDHE,
2512
     SSL_aRSA,
2513
     SSL_CAMELLIA256,
2514
     SSL_SHA384,
2515
     TLS1_2_VERSION, TLS1_2_VERSION,
2516
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2517
     SSL_NOT_DEFAULT | SSL_HIGH,
2518
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2519
     256,
2520
     256,
2521
     },
2522
    {
2523
     1,
2524
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2525
     TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2526
     TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2527
     SSL_kPSK,
2528
     SSL_aPSK,
2529
     SSL_CAMELLIA128,
2530
     SSL_SHA256,
2531
     TLS1_VERSION, TLS1_2_VERSION,
2532
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2533
     SSL_NOT_DEFAULT | SSL_HIGH,
2534
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2535
     128,
2536
     128,
2537
     },
2538
    {
2539
     1,
2540
     TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2541
     TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2542
     TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2543
     SSL_kPSK,
2544
     SSL_aPSK,
2545
     SSL_CAMELLIA256,
2546
     SSL_SHA384,
2547
     TLS1_VERSION, TLS1_2_VERSION,
2548
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2549
     SSL_NOT_DEFAULT | SSL_HIGH,
2550
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2551
     256,
2552
     256,
2553
     },
2554
    {
2555
     1,
2556
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2557
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2558
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2559
     SSL_kDHEPSK,
2560
     SSL_aPSK,
2561
     SSL_CAMELLIA128,
2562
     SSL_SHA256,
2563
     TLS1_VERSION, TLS1_2_VERSION,
2564
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2565
     SSL_NOT_DEFAULT | SSL_HIGH,
2566
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2567
     128,
2568
     128,
2569
     },
2570
    {
2571
     1,
2572
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2573
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2574
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2575
     SSL_kDHEPSK,
2576
     SSL_aPSK,
2577
     SSL_CAMELLIA256,
2578
     SSL_SHA384,
2579
     TLS1_VERSION, TLS1_2_VERSION,
2580
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2581
     SSL_NOT_DEFAULT | SSL_HIGH,
2582
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2583
     256,
2584
     256,
2585
     },
2586
    {
2587
     1,
2588
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2589
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2590
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2591
     SSL_kRSAPSK,
2592
     SSL_aRSA,
2593
     SSL_CAMELLIA128,
2594
     SSL_SHA256,
2595
     TLS1_VERSION, TLS1_2_VERSION,
2596
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2597
     SSL_NOT_DEFAULT | SSL_HIGH,
2598
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2599
     128,
2600
     128,
2601
     },
2602
    {
2603
     1,
2604
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2605
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2606
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2607
     SSL_kRSAPSK,
2608
     SSL_aRSA,
2609
     SSL_CAMELLIA256,
2610
     SSL_SHA384,
2611
     TLS1_VERSION, TLS1_2_VERSION,
2612
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2613
     SSL_NOT_DEFAULT | SSL_HIGH,
2614
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2615
     256,
2616
     256,
2617
     },
2618
    {
2619
     1,
2620
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2621
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2622
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2623
     SSL_kECDHEPSK,
2624
     SSL_aPSK,
2625
     SSL_CAMELLIA128,
2626
     SSL_SHA256,
2627
     TLS1_VERSION, TLS1_2_VERSION,
2628
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2629
     SSL_NOT_DEFAULT | SSL_HIGH,
2630
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2631
     128,
2632
     128,
2633
     },
2634
    {
2635
     1,
2636
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2637
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2638
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2639
     SSL_kECDHEPSK,
2640
     SSL_aPSK,
2641
     SSL_CAMELLIA256,
2642
     SSL_SHA384,
2643
     TLS1_VERSION, TLS1_2_VERSION,
2644
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2645
     SSL_NOT_DEFAULT | SSL_HIGH,
2646
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2647
     256,
2648
     256,
2649
     },
2650
2651
#ifndef OPENSSL_NO_GOST
2652
    {
2653
     1,
2654
     "GOST2001-GOST89-GOST89",
2655
     "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2656
     0x3000081,
2657
     SSL_kGOST,
2658
     SSL_aGOST01,
2659
     SSL_eGOST2814789CNT,
2660
     SSL_GOST89MAC,
2661
     TLS1_VERSION, TLS1_2_VERSION,
2662
     0, 0,
2663
     SSL_HIGH,
2664
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2665
     256,
2666
     256,
2667
     },
2668
# ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
2669
    {
2670
     1,
2671
     "GOST2001-NULL-GOST94",
2672
     "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2673
     0x3000083,
2674
     SSL_kGOST,
2675
     SSL_aGOST01,
2676
     SSL_eNULL,
2677
     SSL_GOST94,
2678
     TLS1_VERSION, TLS1_2_VERSION,
2679
     0, 0,
2680
     SSL_STRONG_NONE,
2681
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2682
     0,
2683
     0,
2684
     },
2685
# endif
2686
    {
2687
     1,
2688
     "IANA-GOST2012-GOST8912-GOST8912",
2689
     NULL,
2690
     0x0300c102,
2691
     SSL_kGOST,
2692
     SSL_aGOST12 | SSL_aGOST01,
2693
     SSL_eGOST2814789CNT12,
2694
     SSL_GOST89MAC12,
2695
     TLS1_VERSION, TLS1_2_VERSION,
2696
     0, 0,
2697
     SSL_HIGH,
2698
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2699
     256,
2700
     256,
2701
     },
2702
    {
2703
     1,
2704
     "LEGACY-GOST2012-GOST8912-GOST8912",
2705
     NULL,
2706
     0x0300ff85,
2707
     SSL_kGOST,
2708
     SSL_aGOST12 | SSL_aGOST01,
2709
     SSL_eGOST2814789CNT12,
2710
     SSL_GOST89MAC12,
2711
     TLS1_VERSION, TLS1_2_VERSION,
2712
     0, 0,
2713
     SSL_HIGH,
2714
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2715
     256,
2716
     256,
2717
     },
2718
# ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
2719
    {
2720
     1,
2721
     "GOST2012-NULL-GOST12",
2722
     NULL,
2723
     0x0300ff87,
2724
     SSL_kGOST,
2725
     SSL_aGOST12 | SSL_aGOST01,
2726
     SSL_eNULL,
2727
     SSL_GOST12_256,
2728
     TLS1_VERSION, TLS1_2_VERSION,
2729
     0, 0,
2730
     SSL_STRONG_NONE,
2731
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2732
     0,
2733
     0,
2734
     },
2735
# endif
2736
    {
2737
     1,
2738
     "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC",
2739
     NULL,
2740
     0x0300C100,
2741
     SSL_kGOST18,
2742
     SSL_aGOST12,
2743
     SSL_KUZNYECHIK,
2744
     SSL_KUZNYECHIKOMAC,
2745
     TLS1_2_VERSION, TLS1_2_VERSION,
2746
     0, 0,
2747
     SSL_HIGH,
2748
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2749
     256,
2750
     256,
2751
     },
2752
    {
2753
     1,
2754
     "GOST2012-MAGMA-MAGMAOMAC",
2755
     NULL,
2756
     0x0300C101,
2757
     SSL_kGOST18,
2758
     SSL_aGOST12,
2759
     SSL_MAGMA,
2760
     SSL_MAGMAOMAC,
2761
     TLS1_2_VERSION, TLS1_2_VERSION,
2762
     0, 0,
2763
     SSL_HIGH,
2764
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2765
     256,
2766
     256,
2767
     },
2768
#endif                          /* OPENSSL_NO_GOST */
2769
2770
    {
2771
     1,
2772
     SSL3_TXT_RSA_IDEA_128_SHA,
2773
     SSL3_RFC_RSA_IDEA_128_SHA,
2774
     SSL3_CK_RSA_IDEA_128_SHA,
2775
     SSL_kRSA,
2776
     SSL_aRSA,
2777
     SSL_IDEA,
2778
     SSL_SHA1,
2779
     SSL3_VERSION, TLS1_1_VERSION,
2780
     DTLS1_BAD_VER, DTLS1_VERSION,
2781
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2782
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2783
     128,
2784
     128,
2785
     },
2786
2787
    {
2788
     1,
2789
     TLS1_TXT_RSA_WITH_SEED_SHA,
2790
     TLS1_RFC_RSA_WITH_SEED_SHA,
2791
     TLS1_CK_RSA_WITH_SEED_SHA,
2792
     SSL_kRSA,
2793
     SSL_aRSA,
2794
     SSL_SEED,
2795
     SSL_SHA1,
2796
     SSL3_VERSION, TLS1_2_VERSION,
2797
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2798
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2799
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2800
     128,
2801
     128,
2802
     },
2803
    {
2804
     1,
2805
     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2806
     TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2807
     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2808
     SSL_kDHE,
2809
     SSL_aDSS,
2810
     SSL_SEED,
2811
     SSL_SHA1,
2812
     SSL3_VERSION, TLS1_2_VERSION,
2813
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2814
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2815
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2816
     128,
2817
     128,
2818
     },
2819
    {
2820
     1,
2821
     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2822
     TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2823
     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2824
     SSL_kDHE,
2825
     SSL_aRSA,
2826
     SSL_SEED,
2827
     SSL_SHA1,
2828
     SSL3_VERSION, TLS1_2_VERSION,
2829
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2830
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2831
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2832
     128,
2833
     128,
2834
     },
2835
    {
2836
     1,
2837
     TLS1_TXT_ADH_WITH_SEED_SHA,
2838
     TLS1_RFC_ADH_WITH_SEED_SHA,
2839
     TLS1_CK_ADH_WITH_SEED_SHA,
2840
     SSL_kDHE,
2841
     SSL_aNULL,
2842
     SSL_SEED,
2843
     SSL_SHA1,
2844
     SSL3_VERSION, TLS1_2_VERSION,
2845
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2846
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2847
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2848
     128,
2849
     128,
2850
     },
2851
2852
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2853
    {
2854
     1,
2855
     SSL3_TXT_RSA_RC4_128_MD5,
2856
     SSL3_RFC_RSA_RC4_128_MD5,
2857
     SSL3_CK_RSA_RC4_128_MD5,
2858
     SSL_kRSA,
2859
     SSL_aRSA,
2860
     SSL_RC4,
2861
     SSL_MD5,
2862
     SSL3_VERSION, TLS1_2_VERSION,
2863
     0, 0,
2864
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2865
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2866
     80,
2867
     128,
2868
     },
2869
    {
2870
     1,
2871
     SSL3_TXT_RSA_RC4_128_SHA,
2872
     SSL3_RFC_RSA_RC4_128_SHA,
2873
     SSL3_CK_RSA_RC4_128_SHA,
2874
     SSL_kRSA,
2875
     SSL_aRSA,
2876
     SSL_RC4,
2877
     SSL_SHA1,
2878
     SSL3_VERSION, TLS1_2_VERSION,
2879
     0, 0,
2880
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2881
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2882
     80,
2883
     128,
2884
     },
2885
    {
2886
     1,
2887
     SSL3_TXT_ADH_RC4_128_MD5,
2888
     SSL3_RFC_ADH_RC4_128_MD5,
2889
     SSL3_CK_ADH_RC4_128_MD5,
2890
     SSL_kDHE,
2891
     SSL_aNULL,
2892
     SSL_RC4,
2893
     SSL_MD5,
2894
     SSL3_VERSION, TLS1_2_VERSION,
2895
     0, 0,
2896
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2897
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2898
     80,
2899
     128,
2900
     },
2901
    {
2902
     1,
2903
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2904
     TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2905
     TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2906
     SSL_kECDHEPSK,
2907
     SSL_aPSK,
2908
     SSL_RC4,
2909
     SSL_SHA1,
2910
     TLS1_VERSION, TLS1_2_VERSION,
2911
     0, 0,
2912
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2913
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2914
     80,
2915
     128,
2916
     },
2917
    {
2918
     1,
2919
     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2920
     TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2921
     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2922
     SSL_kECDHE,
2923
     SSL_aNULL,
2924
     SSL_RC4,
2925
     SSL_SHA1,
2926
     TLS1_VERSION, TLS1_2_VERSION,
2927
     0, 0,
2928
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2929
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2930
     80,
2931
     128,
2932
     },
2933
    {
2934
     1,
2935
     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2936
     TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2937
     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2938
     SSL_kECDHE,
2939
     SSL_aECDSA,
2940
     SSL_RC4,
2941
     SSL_SHA1,
2942
     TLS1_VERSION, TLS1_2_VERSION,
2943
     0, 0,
2944
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2945
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2946
     80,
2947
     128,
2948
     },
2949
    {
2950
     1,
2951
     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2952
     TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2953
     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2954
     SSL_kECDHE,
2955
     SSL_aRSA,
2956
     SSL_RC4,
2957
     SSL_SHA1,
2958
     TLS1_VERSION, TLS1_2_VERSION,
2959
     0, 0,
2960
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2961
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2962
     80,
2963
     128,
2964
     },
2965
    {
2966
     1,
2967
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
2968
     TLS1_RFC_PSK_WITH_RC4_128_SHA,
2969
     TLS1_CK_PSK_WITH_RC4_128_SHA,
2970
     SSL_kPSK,
2971
     SSL_aPSK,
2972
     SSL_RC4,
2973
     SSL_SHA1,
2974
     SSL3_VERSION, TLS1_2_VERSION,
2975
     0, 0,
2976
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2977
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2978
     80,
2979
     128,
2980
     },
2981
    {
2982
     1,
2983
     TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2984
     TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2985
     TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2986
     SSL_kRSAPSK,
2987
     SSL_aRSA,
2988
     SSL_RC4,
2989
     SSL_SHA1,
2990
     SSL3_VERSION, TLS1_2_VERSION,
2991
     0, 0,
2992
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2993
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2994
     80,
2995
     128,
2996
     },
2997
    {
2998
     1,
2999
     TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
3000
     TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
3001
     TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
3002
     SSL_kDHEPSK,
3003
     SSL_aPSK,
3004
     SSL_RC4,
3005
     SSL_SHA1,
3006
     SSL3_VERSION, TLS1_2_VERSION,
3007
     0, 0,
3008
     SSL_NOT_DEFAULT | SSL_MEDIUM,
3009
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3010
     80,
3011
     128,
3012
     },
3013
#endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */
3014
3015
    {
3016
     1,
3017
     TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
3018
     TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
3019
     TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
3020
     SSL_kRSA,
3021
     SSL_aRSA,
3022
     SSL_ARIA128GCM,
3023
     SSL_AEAD,
3024
     TLS1_2_VERSION, TLS1_2_VERSION,
3025
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3026
     SSL_NOT_DEFAULT | SSL_HIGH,
3027
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3028
     128,
3029
     128,
3030
     },
3031
    {
3032
     1,
3033
     TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
3034
     TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
3035
     TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
3036
     SSL_kRSA,
3037
     SSL_aRSA,
3038
     SSL_ARIA256GCM,
3039
     SSL_AEAD,
3040
     TLS1_2_VERSION, TLS1_2_VERSION,
3041
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3042
     SSL_NOT_DEFAULT | SSL_HIGH,
3043
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3044
     256,
3045
     256,
3046
     },
3047
    {
3048
     1,
3049
     TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3050
     TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3051
     TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3052
     SSL_kDHE,
3053
     SSL_aRSA,
3054
     SSL_ARIA128GCM,
3055
     SSL_AEAD,
3056
     TLS1_2_VERSION, TLS1_2_VERSION,
3057
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3058
     SSL_NOT_DEFAULT | SSL_HIGH,
3059
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3060
     128,
3061
     128,
3062
     },
3063
    {
3064
     1,
3065
     TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3066
     TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3067
     TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3068
     SSL_kDHE,
3069
     SSL_aRSA,
3070
     SSL_ARIA256GCM,
3071
     SSL_AEAD,
3072
     TLS1_2_VERSION, TLS1_2_VERSION,
3073
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3074
     SSL_NOT_DEFAULT | SSL_HIGH,
3075
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3076
     256,
3077
     256,
3078
     },
3079
    {
3080
     1,
3081
     TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3082
     TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3083
     TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3084
     SSL_kDHE,
3085
     SSL_aDSS,
3086
     SSL_ARIA128GCM,
3087
     SSL_AEAD,
3088
     TLS1_2_VERSION, TLS1_2_VERSION,
3089
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3090
     SSL_NOT_DEFAULT | SSL_HIGH,
3091
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3092
     128,
3093
     128,
3094
     },
3095
    {
3096
     1,
3097
     TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3098
     TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3099
     TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3100
     SSL_kDHE,
3101
     SSL_aDSS,
3102
     SSL_ARIA256GCM,
3103
     SSL_AEAD,
3104
     TLS1_2_VERSION, TLS1_2_VERSION,
3105
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3106
     SSL_NOT_DEFAULT | SSL_HIGH,
3107
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3108
     256,
3109
     256,
3110
     },
3111
    {
3112
     1,
3113
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3114
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3115
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3116
     SSL_kECDHE,
3117
     SSL_aECDSA,
3118
     SSL_ARIA128GCM,
3119
     SSL_AEAD,
3120
     TLS1_2_VERSION, TLS1_2_VERSION,
3121
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3122
     SSL_NOT_DEFAULT | SSL_HIGH,
3123
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3124
     128,
3125
     128,
3126
     },
3127
    {
3128
     1,
3129
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3130
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3131
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3132
     SSL_kECDHE,
3133
     SSL_aECDSA,
3134
     SSL_ARIA256GCM,
3135
     SSL_AEAD,
3136
     TLS1_2_VERSION, TLS1_2_VERSION,
3137
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3138
     SSL_NOT_DEFAULT | SSL_HIGH,
3139
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3140
     256,
3141
     256,
3142
     },
3143
    {
3144
     1,
3145
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3146
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3147
     TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3148
     SSL_kECDHE,
3149
     SSL_aRSA,
3150
     SSL_ARIA128GCM,
3151
     SSL_AEAD,
3152
     TLS1_2_VERSION, TLS1_2_VERSION,
3153
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3154
     SSL_NOT_DEFAULT | SSL_HIGH,
3155
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3156
     128,
3157
     128,
3158
     },
3159
    {
3160
     1,
3161
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3162
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3163
     TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3164
     SSL_kECDHE,
3165
     SSL_aRSA,
3166
     SSL_ARIA256GCM,
3167
     SSL_AEAD,
3168
     TLS1_2_VERSION, TLS1_2_VERSION,
3169
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3170
     SSL_NOT_DEFAULT | SSL_HIGH,
3171
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3172
     256,
3173
     256,
3174
     },
3175
    {
3176
     1,
3177
     TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3178
     TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3179
     TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3180
     SSL_kPSK,
3181
     SSL_aPSK,
3182
     SSL_ARIA128GCM,
3183
     SSL_AEAD,
3184
     TLS1_2_VERSION, TLS1_2_VERSION,
3185
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3186
     SSL_NOT_DEFAULT | SSL_HIGH,
3187
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3188
     128,
3189
     128,
3190
     },
3191
    {
3192
     1,
3193
     TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3194
     TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3195
     TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3196
     SSL_kPSK,
3197
     SSL_aPSK,
3198
     SSL_ARIA256GCM,
3199
     SSL_AEAD,
3200
     TLS1_2_VERSION, TLS1_2_VERSION,
3201
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3202
     SSL_NOT_DEFAULT | SSL_HIGH,
3203
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3204
     256,
3205
     256,
3206
     },
3207
    {
3208
     1,
3209
     TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3210
     TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3211
     TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3212
     SSL_kDHEPSK,
3213
     SSL_aPSK,
3214
     SSL_ARIA128GCM,
3215
     SSL_AEAD,
3216
     TLS1_2_VERSION, TLS1_2_VERSION,
3217
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3218
     SSL_NOT_DEFAULT | SSL_HIGH,
3219
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3220
     128,
3221
     128,
3222
     },
3223
    {
3224
     1,
3225
     TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3226
     TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3227
     TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3228
     SSL_kDHEPSK,
3229
     SSL_aPSK,
3230
     SSL_ARIA256GCM,
3231
     SSL_AEAD,
3232
     TLS1_2_VERSION, TLS1_2_VERSION,
3233
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3234
     SSL_NOT_DEFAULT | SSL_HIGH,
3235
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3236
     256,
3237
     256,
3238
     },
3239
    {
3240
     1,
3241
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3242
     TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3243
     TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3244
     SSL_kRSAPSK,
3245
     SSL_aRSA,
3246
     SSL_ARIA128GCM,
3247
     SSL_AEAD,
3248
     TLS1_2_VERSION, TLS1_2_VERSION,
3249
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3250
     SSL_NOT_DEFAULT | SSL_HIGH,
3251
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3252
     128,
3253
     128,
3254
     },
3255
    {
3256
     1,
3257
     TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3258
     TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3259
     TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3260
     SSL_kRSAPSK,
3261
     SSL_aRSA,
3262
     SSL_ARIA256GCM,
3263
     SSL_AEAD,
3264
     TLS1_2_VERSION, TLS1_2_VERSION,
3265
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3266
     SSL_NOT_DEFAULT | SSL_HIGH,
3267
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3268
     256,
3269
     256,
3270
     },
3271
};
3272
3273
/*
3274
 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3275
 * values stuffed into the ciphers field of the wire protocol for signalling
3276
 * purposes.
3277
 */
3278
static SSL_CIPHER ssl3_scsvs[] = {
3279
    {
3280
     0,
3281
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3282
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3283
     SSL3_CK_SCSV,
3284
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3285
    },
3286
    {
3287
     0,
3288
     "TLS_FALLBACK_SCSV",
3289
     "TLS_FALLBACK_SCSV",
3290
     SSL3_CK_FALLBACK_SCSV,
3291
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3292
    },
3293
};
3294
3295
static int cipher_compare(const void *a, const void *b)
3296
1.94k
{
3297
1.94k
    const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3298
1.94k
    const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3299
3300
1.94k
    if (ap->id == bp->id)
3301
0
        return 0;
3302
1.94k
    return ap->id < bp->id ? -1 : 1;
3303
1.94k
}
3304
3305
void ssl_sort_cipher_list(void)
3306
2
{
3307
2
    qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3308
2
          cipher_compare);
3309
2
    qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
3310
2
          cipher_compare);
3311
2
    qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
3312
2
}
3313
3314
static int sslcon_undefined_function_1(SSL_CONNECTION *sc, unsigned char *r,
3315
                                       size_t s, const char *t, size_t u,
3316
                                       const unsigned char *v, size_t w, int x)
3317
0
{
3318
0
    (void)r;
3319
0
    (void)s;
3320
0
    (void)t;
3321
0
    (void)u;
3322
0
    (void)v;
3323
0
    (void)w;
3324
0
    (void)x;
3325
0
    return ssl_undefined_function(SSL_CONNECTION_GET_SSL(sc));
3326
0
}
3327
3328
const SSL3_ENC_METHOD SSLv3_enc_data = {
3329
    ssl3_setup_key_block,
3330
    ssl3_generate_master_secret,
3331
    ssl3_change_cipher_state,
3332
    ssl3_final_finish_mac,
3333
    SSL3_MD_CLIENT_FINISHED_CONST, 4,
3334
    SSL3_MD_SERVER_FINISHED_CONST, 4,
3335
    ssl3_alert_code,
3336
    sslcon_undefined_function_1,
3337
    0,
3338
    ssl3_set_handshake_header,
3339
    tls_close_construct_packet,
3340
    ssl3_handshake_write
3341
};
3342
3343
OSSL_TIME ssl3_default_timeout(void)
3344
0
{
3345
    /*
3346
     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3347
     * http, the cache would over fill
3348
     */
3349
0
    return ossl_seconds2time(60 * 60 * 2);
3350
0
}
3351
3352
int ssl3_num_ciphers(void)
3353
0
{
3354
0
    return SSL3_NUM_CIPHERS;
3355
0
}
3356
3357
const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3358
0
{
3359
0
    if (u < SSL3_NUM_CIPHERS)
3360
0
        return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3361
0
    else
3362
0
        return NULL;
3363
0
}
3364
3365
int ssl3_set_handshake_header(SSL_CONNECTION *s, WPACKET *pkt, int htype)
3366
0
{
3367
    /* No header in the event of a CCS */
3368
0
    if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3369
0
        return 1;
3370
3371
    /* Set the content type and 3 bytes for the message len */
3372
0
    if (!WPACKET_put_bytes_u8(pkt, htype)
3373
0
            || !WPACKET_start_sub_packet_u24(pkt))
3374
0
        return 0;
3375
3376
0
    return 1;
3377
0
}
3378
3379
int ssl3_handshake_write(SSL_CONNECTION *s)
3380
0
{
3381
0
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3382
0
}
3383
3384
int ssl3_new(SSL *s)
3385
0
{
3386
0
#ifndef OPENSSL_NO_SRP
3387
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3388
3389
0
    if (sc == NULL)
3390
0
        return 0;
3391
3392
0
    if (!ssl_srp_ctx_init_intern(sc))
3393
0
        return 0;
3394
0
#endif
3395
3396
0
    if (!s->method->ssl_clear(s))
3397
0
        return 0;
3398
3399
0
    return 1;
3400
0
}
3401
3402
void ssl3_free(SSL *s)
3403
0
{
3404
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3405
3406
0
    if (sc == NULL)
3407
0
        return;
3408
3409
0
    ssl3_cleanup_key_block(sc);
3410
3411
0
    EVP_PKEY_free(sc->s3.peer_tmp);
3412
0
    sc->s3.peer_tmp = NULL;
3413
0
    EVP_PKEY_free(sc->s3.tmp.pkey);
3414
0
    sc->s3.tmp.pkey = NULL;
3415
3416
0
    ssl_evp_cipher_free(sc->s3.tmp.new_sym_enc);
3417
0
    ssl_evp_md_free(sc->s3.tmp.new_hash);
3418
3419
0
    OPENSSL_free(sc->s3.tmp.ctype);
3420
0
    sk_X509_NAME_pop_free(sc->s3.tmp.peer_ca_names, X509_NAME_free);
3421
0
    OPENSSL_free(sc->s3.tmp.ciphers_raw);
3422
0
    OPENSSL_clear_free(sc->s3.tmp.pms, sc->s3.tmp.pmslen);
3423
0
    OPENSSL_free(sc->s3.tmp.peer_sigalgs);
3424
0
    OPENSSL_free(sc->s3.tmp.peer_cert_sigalgs);
3425
0
    OPENSSL_free(sc->s3.tmp.valid_flags);
3426
0
    ssl3_free_digest_list(sc);
3427
0
    OPENSSL_free(sc->s3.alpn_selected);
3428
0
    OPENSSL_free(sc->s3.alpn_proposed);
3429
3430
0
#ifndef OPENSSL_NO_PSK
3431
0
    OPENSSL_free(sc->s3.tmp.psk);
3432
0
#endif
3433
3434
0
#ifndef OPENSSL_NO_SRP
3435
0
    ssl_srp_ctx_free_intern(sc);
3436
0
#endif
3437
0
    memset(&sc->s3, 0, sizeof(sc->s3));
3438
0
}
3439
3440
int ssl3_clear(SSL *s)
3441
0
{
3442
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3443
0
    int flags;
3444
3445
0
    if (sc == NULL)
3446
0
        return 0;
3447
3448
0
    ssl3_cleanup_key_block(sc);
3449
0
    OPENSSL_free(sc->s3.tmp.ctype);
3450
0
    sk_X509_NAME_pop_free(sc->s3.tmp.peer_ca_names, X509_NAME_free);
3451
0
    OPENSSL_free(sc->s3.tmp.ciphers_raw);
3452
0
    OPENSSL_clear_free(sc->s3.tmp.pms, sc->s3.tmp.pmslen);
3453
0
    OPENSSL_free(sc->s3.tmp.peer_sigalgs);
3454
0
    OPENSSL_free(sc->s3.tmp.peer_cert_sigalgs);
3455
0
    OPENSSL_free(sc->s3.tmp.valid_flags);
3456
3457
0
    EVP_PKEY_free(sc->s3.tmp.pkey);
3458
0
    EVP_PKEY_free(sc->s3.peer_tmp);
3459
3460
0
    ssl3_free_digest_list(sc);
3461
3462
0
    OPENSSL_free(sc->s3.alpn_selected);
3463
0
    OPENSSL_free(sc->s3.alpn_proposed);
3464
3465
    /*
3466
     * NULL/zero-out everything in the s3 struct, but remember if we are doing
3467
     * QUIC.
3468
     */
3469
0
    flags = sc->s3.flags & TLS1_FLAGS_QUIC;
3470
0
    memset(&sc->s3, 0, sizeof(sc->s3));
3471
0
    sc->s3.flags |= flags;
3472
3473
0
    if (!ssl_free_wbio_buffer(sc))
3474
0
        return 0;
3475
3476
0
    sc->version = SSL3_VERSION;
3477
3478
0
#if !defined(OPENSSL_NO_NEXTPROTONEG)
3479
0
    OPENSSL_free(sc->ext.npn);
3480
0
    sc->ext.npn = NULL;
3481
0
    sc->ext.npn_len = 0;
3482
0
#endif
3483
3484
0
    return 1;
3485
0
}
3486
3487
#ifndef OPENSSL_NO_SRP
3488
static char *srp_password_from_info_cb(SSL *s, void *arg)
3489
0
{
3490
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3491
3492
0
    if (sc == NULL)
3493
0
        return NULL;
3494
3495
0
    return OPENSSL_strdup(sc->srp_ctx.info);
3496
0
}
3497
#endif
3498
3499
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3500
3501
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3502
0
{
3503
0
    int ret = 0;
3504
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3505
3506
0
    if (sc == NULL)
3507
0
        return ret;
3508
3509
0
    switch (cmd) {
3510
0
    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3511
0
        break;
3512
0
    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3513
0
        ret = sc->s3.num_renegotiations;
3514
0
        break;
3515
0
    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3516
0
        ret = sc->s3.num_renegotiations;
3517
0
        sc->s3.num_renegotiations = 0;
3518
0
        break;
3519
0
    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3520
0
        ret = sc->s3.total_renegotiations;
3521
0
        break;
3522
0
    case SSL_CTRL_GET_FLAGS:
3523
0
        ret = (int)(sc->s3.flags);
3524
0
        break;
3525
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3526
0
    case SSL_CTRL_SET_TMP_DH:
3527
0
        {
3528
0
            EVP_PKEY *pkdh = NULL;
3529
0
            if (parg == NULL) {
3530
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3531
0
                return 0;
3532
0
            }
3533
0
            pkdh = ssl_dh_to_pkey(parg);
3534
0
            if (pkdh == NULL) {
3535
0
                ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
3536
0
                return 0;
3537
0
            }
3538
0
            if (!SSL_set0_tmp_dh_pkey(s, pkdh)) {
3539
0
                EVP_PKEY_free(pkdh);
3540
0
                return 0;
3541
0
            }
3542
0
            return 1;
3543
0
        }
3544
0
        break;
3545
0
    case SSL_CTRL_SET_TMP_DH_CB:
3546
0
        {
3547
0
            ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3548
0
            return ret;
3549
0
        }
3550
0
#endif
3551
0
    case SSL_CTRL_SET_DH_AUTO:
3552
0
        sc->cert->dh_tmp_auto = larg;
3553
0
        return 1;
3554
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3555
0
    case SSL_CTRL_SET_TMP_ECDH:
3556
0
        {
3557
0
            if (parg == NULL) {
3558
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3559
0
                return 0;
3560
0
            }
3561
0
            return ssl_set_tmp_ecdh_groups(&sc->ext.supportedgroups,
3562
0
                                           &sc->ext.supportedgroups_len,
3563
0
                                           parg);
3564
0
        }
3565
0
#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
3566
0
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3567
        /*
3568
         * This API is only used for a client to set what SNI it will request
3569
         * from the server, but we currently allow it to be used on servers
3570
         * as well, which is a programming error.  Currently we just clear
3571
         * the field in SSL_do_handshake() for server SSLs, but when we can
3572
         * make ABI-breaking changes, we may want to make use of this API
3573
         * an error on server SSLs.
3574
         */
3575
0
        if (larg == TLSEXT_NAMETYPE_host_name) {
3576
0
            size_t len;
3577
3578
0
            OPENSSL_free(sc->ext.hostname);
3579
0
            sc->ext.hostname = NULL;
3580
3581
0
            ret = 1;
3582
0
            if (parg == NULL)
3583
0
                break;
3584
0
            len = strlen((char *)parg);
3585
0
            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3586
0
                ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3587
0
                return 0;
3588
0
            }
3589
0
            if ((sc->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3590
0
                ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3591
0
                return 0;
3592
0
            }
3593
0
        } else {
3594
0
            ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3595
0
            return 0;
3596
0
        }
3597
0
        break;
3598
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3599
0
        sc->ext.debug_arg = parg;
3600
0
        ret = 1;
3601
0
        break;
3602
3603
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3604
0
        ret = sc->ext.status_type;
3605
0
        break;
3606
3607
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3608
0
        sc->ext.status_type = larg;
3609
0
        ret = 1;
3610
0
        break;
3611
3612
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3613
0
        *(STACK_OF(X509_EXTENSION) **)parg = sc->ext.ocsp.exts;
3614
0
        ret = 1;
3615
0
        break;
3616
3617
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3618
0
        sc->ext.ocsp.exts = parg;
3619
0
        ret = 1;
3620
0
        break;
3621
3622
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3623
0
        *(STACK_OF(OCSP_RESPID) **)parg = sc->ext.ocsp.ids;
3624
0
        ret = 1;
3625
0
        break;
3626
3627
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3628
0
        sc->ext.ocsp.ids = parg;
3629
0
        ret = 1;
3630
0
        break;
3631
3632
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3633
0
        *(unsigned char **)parg = sc->ext.ocsp.resp;
3634
0
        if (sc->ext.ocsp.resp_len == 0
3635
0
                || sc->ext.ocsp.resp_len > LONG_MAX)
3636
0
            return -1;
3637
0
        return (long)sc->ext.ocsp.resp_len;
3638
3639
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3640
0
        OPENSSL_free(sc->ext.ocsp.resp);
3641
0
        sc->ext.ocsp.resp = parg;
3642
0
        sc->ext.ocsp.resp_len = larg;
3643
0
        ret = 1;
3644
0
        break;
3645
3646
0
    case SSL_CTRL_CHAIN:
3647
0
        if (larg)
3648
0
            return ssl_cert_set1_chain(sc, NULL, (STACK_OF(X509) *)parg);
3649
0
        else
3650
0
            return ssl_cert_set0_chain(sc, NULL, (STACK_OF(X509) *)parg);
3651
3652
0
    case SSL_CTRL_CHAIN_CERT:
3653
0
        if (larg)
3654
0
            return ssl_cert_add1_chain_cert(sc, NULL, (X509 *)parg);
3655
0
        else
3656
0
            return ssl_cert_add0_chain_cert(sc, NULL, (X509 *)parg);
3657
3658
0
    case SSL_CTRL_GET_CHAIN_CERTS:
3659
0
        *(STACK_OF(X509) **)parg = sc->cert->key->chain;
3660
0
        ret = 1;
3661
0
        break;
3662
3663
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
3664
0
        return ssl_cert_select_current(sc->cert, (X509 *)parg);
3665
3666
0
    case SSL_CTRL_SET_CURRENT_CERT:
3667
0
        if (larg == SSL_CERT_SET_SERVER) {
3668
0
            const SSL_CIPHER *cipher;
3669
0
            if (!sc->server)
3670
0
                return 0;
3671
0
            cipher = sc->s3.tmp.new_cipher;
3672
0
            if (cipher == NULL)
3673
0
                return 0;
3674
            /*
3675
             * No certificate for unauthenticated ciphersuites or using SRP
3676
             * authentication
3677
             */
3678
0
            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3679
0
                return 2;
3680
0
            if (sc->s3.tmp.cert == NULL)
3681
0
                return 0;
3682
0
            sc->cert->key = sc->s3.tmp.cert;
3683
0
            return 1;
3684
0
        }
3685
0
        return ssl_cert_set_current(sc->cert, larg);
3686
3687
0
    case SSL_CTRL_GET_GROUPS:
3688
0
        {
3689
0
            uint16_t *clist;
3690
0
            size_t clistlen;
3691
3692
0
            if (!sc->session)
3693
0
                return 0;
3694
0
            clist = sc->ext.peer_supportedgroups;
3695
0
            clistlen = sc->ext.peer_supportedgroups_len;
3696
0
            if (parg) {
3697
0
                size_t i;
3698
0
                int *cptr = parg;
3699
3700
0
                for (i = 0; i < clistlen; i++) {
3701
0
                    const TLS_GROUP_INFO *cinf
3702
0
                        = tls1_group_id_lookup(s->ctx, clist[i]);
3703
3704
0
                    if (cinf != NULL)
3705
0
                        cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
3706
0
                    else
3707
0
                        cptr[i] = TLSEXT_nid_unknown | clist[i];
3708
0
                }
3709
0
            }
3710
0
            return (int)clistlen;
3711
0
        }
3712
3713
0
    case SSL_CTRL_SET_GROUPS:
3714
0
        return tls1_set_groups(&sc->ext.supportedgroups,
3715
0
                               &sc->ext.supportedgroups_len, parg, larg);
3716
3717
0
    case SSL_CTRL_SET_GROUPS_LIST:
3718
0
        return tls1_set_groups_list(s->ctx, &sc->ext.supportedgroups,
3719
0
                                    &sc->ext.supportedgroups_len, parg);
3720
3721
0
    case SSL_CTRL_GET_SHARED_GROUP:
3722
0
        {
3723
0
            uint16_t id = tls1_shared_group(sc, larg);
3724
3725
0
            if (larg != -1)
3726
0
                return tls1_group_id2nid(id, 1);
3727
0
            return id;
3728
0
        }
3729
0
    case SSL_CTRL_GET_NEGOTIATED_GROUP:
3730
0
        {
3731
0
            unsigned int id;
3732
3733
0
            if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
3734
0
                id = sc->s3.group_id;
3735
0
            else
3736
0
                id = sc->session->kex_group;
3737
0
            ret = tls1_group_id2nid(id, 1);
3738
0
            break;
3739
0
        }
3740
0
    case SSL_CTRL_SET_SIGALGS:
3741
0
        return tls1_set_sigalgs(sc->cert, parg, larg, 0);
3742
3743
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3744
0
        return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 0);
3745
3746
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3747
0
        return tls1_set_sigalgs(sc->cert, parg, larg, 1);
3748
3749
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3750
0
        return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1);
3751
3752
0
    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3753
0
        {
3754
0
            const unsigned char **pctype = parg;
3755
0
            if (sc->server || !sc->s3.tmp.cert_req)
3756
0
                return 0;
3757
0
            if (pctype)
3758
0
                *pctype = sc->s3.tmp.ctype;
3759
0
            return sc->s3.tmp.ctype_len;
3760
0
        }
3761
3762
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3763
0
        if (!sc->server)
3764
0
            return 0;
3765
0
        return ssl3_set_req_cert_type(sc->cert, parg, larg);
3766
3767
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3768
0
        return ssl_build_cert_chain(sc, NULL, larg);
3769
3770
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3771
0
        return ssl_cert_set_cert_store(sc->cert, parg, 0, larg);
3772
3773
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3774
0
        return ssl_cert_set_cert_store(sc->cert, parg, 1, larg);
3775
3776
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
3777
0
        return ssl_cert_get_cert_store(sc->cert, parg, 0);
3778
3779
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
3780
0
        return ssl_cert_get_cert_store(sc->cert, parg, 1);
3781
3782
0
    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3783
0
        if (sc->s3.tmp.peer_sigalg == NULL)
3784
0
            return 0;
3785
0
        *(int *)parg = sc->s3.tmp.peer_sigalg->hash;
3786
0
        return 1;
3787
3788
0
    case SSL_CTRL_GET_SIGNATURE_NID:
3789
0
        if (sc->s3.tmp.sigalg == NULL)
3790
0
            return 0;
3791
0
        *(int *)parg = sc->s3.tmp.sigalg->hash;
3792
0
        return 1;
3793
3794
0
    case SSL_CTRL_GET_PEER_TMP_KEY:
3795
0
        if (sc->session == NULL || sc->s3.peer_tmp == NULL) {
3796
0
            return 0;
3797
0
        } else {
3798
0
            EVP_PKEY_up_ref(sc->s3.peer_tmp);
3799
0
            *(EVP_PKEY **)parg = sc->s3.peer_tmp;
3800
0
            return 1;
3801
0
        }
3802
3803
0
    case SSL_CTRL_GET_TMP_KEY:
3804
0
        if (sc->session == NULL || sc->s3.tmp.pkey == NULL) {
3805
0
            return 0;
3806
0
        } else {
3807
0
            EVP_PKEY_up_ref(sc->s3.tmp.pkey);
3808
0
            *(EVP_PKEY **)parg = sc->s3.tmp.pkey;
3809
0
            return 1;
3810
0
        }
3811
3812
0
    case SSL_CTRL_GET_EC_POINT_FORMATS:
3813
0
        {
3814
0
            const unsigned char **pformat = parg;
3815
3816
0
            if (sc->ext.peer_ecpointformats == NULL)
3817
0
                return 0;
3818
0
            *pformat = sc->ext.peer_ecpointformats;
3819
0
            return (int)sc->ext.peer_ecpointformats_len;
3820
0
        }
3821
3822
0
    case SSL_CTRL_GET_IANA_GROUPS:
3823
0
        {
3824
0
            if (parg != NULL) {
3825
0
                *(uint16_t **)parg = (uint16_t *)sc->ext.peer_supportedgroups;
3826
0
            }
3827
0
            return (int)sc->ext.peer_supportedgroups_len;
3828
0
        }
3829
3830
0
    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
3831
0
        sc->msg_callback_arg = parg;
3832
0
        return 1;
3833
3834
0
    default:
3835
0
        break;
3836
0
    }
3837
0
    return ret;
3838
0
}
3839
3840
long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3841
0
{
3842
0
    int ret = 0;
3843
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3844
3845
0
    if (sc == NULL)
3846
0
        return ret;
3847
3848
0
    switch (cmd) {
3849
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3850
0
    case SSL_CTRL_SET_TMP_DH_CB:
3851
0
        sc->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3852
0
        ret = 1;
3853
0
        break;
3854
0
#endif
3855
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3856
0
        sc->ext.debug_cb = (void (*)(SSL *, int, int,
3857
0
                                     const unsigned char *, int, void *))fp;
3858
0
        ret = 1;
3859
0
        break;
3860
3861
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3862
0
        sc->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3863
0
        ret = 1;
3864
0
        break;
3865
3866
0
    case SSL_CTRL_SET_MSG_CALLBACK:
3867
0
        sc->msg_callback = (ossl_msg_cb)fp;
3868
0
        return 1;
3869
0
    default:
3870
0
        break;
3871
0
    }
3872
0
    return ret;
3873
0
}
3874
3875
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3876
0
{
3877
0
    switch (cmd) {
3878
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3879
0
    case SSL_CTRL_SET_TMP_DH:
3880
0
        {
3881
0
            EVP_PKEY *pkdh = NULL;
3882
0
            if (parg == NULL) {
3883
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3884
0
                return 0;
3885
0
            }
3886
0
            pkdh = ssl_dh_to_pkey(parg);
3887
0
            if (pkdh == NULL) {
3888
0
                ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
3889
0
                return 0;
3890
0
            }
3891
0
            if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) {
3892
0
                EVP_PKEY_free(pkdh);
3893
0
                return 0;
3894
0
            }
3895
0
            return 1;
3896
0
        }
3897
0
    case SSL_CTRL_SET_TMP_DH_CB:
3898
0
        {
3899
0
            ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3900
0
            return 0;
3901
0
        }
3902
0
#endif
3903
0
    case SSL_CTRL_SET_DH_AUTO:
3904
0
        ctx->cert->dh_tmp_auto = larg;
3905
0
        return 1;
3906
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3907
0
    case SSL_CTRL_SET_TMP_ECDH:
3908
0
        {
3909
0
            if (parg == NULL) {
3910
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3911
0
                return 0;
3912
0
            }
3913
0
            return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
3914
0
                                           &ctx->ext.supportedgroups_len,
3915
0
                                           parg);
3916
0
        }
3917
0
#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
3918
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3919
0
        ctx->ext.servername_arg = parg;
3920
0
        break;
3921
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3922
0
    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3923
0
        {
3924
0
            unsigned char *keys = parg;
3925
0
            long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3926
0
                                sizeof(ctx->ext.secure->tick_hmac_key) +
3927
0
                                sizeof(ctx->ext.secure->tick_aes_key));
3928
0
            if (keys == NULL)
3929
0
                return tick_keylen;
3930
0
            if (larg != tick_keylen) {
3931
0
                ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3932
0
                return 0;
3933
0
            }
3934
0
            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3935
0
                memcpy(ctx->ext.tick_key_name, keys,
3936
0
                       sizeof(ctx->ext.tick_key_name));
3937
0
                memcpy(ctx->ext.secure->tick_hmac_key,
3938
0
                       keys + sizeof(ctx->ext.tick_key_name),
3939
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3940
0
                memcpy(ctx->ext.secure->tick_aes_key,
3941
0
                       keys + sizeof(ctx->ext.tick_key_name) +
3942
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3943
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3944
0
            } else {
3945
0
                memcpy(keys, ctx->ext.tick_key_name,
3946
0
                       sizeof(ctx->ext.tick_key_name));
3947
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
3948
0
                       ctx->ext.secure->tick_hmac_key,
3949
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3950
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3951
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3952
0
                       ctx->ext.secure->tick_aes_key,
3953
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3954
0
            }
3955
0
            return 1;
3956
0
        }
3957
3958
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3959
0
        return ctx->ext.status_type;
3960
3961
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3962
0
        ctx->ext.status_type = larg;
3963
0
        break;
3964
3965
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3966
0
        ctx->ext.status_arg = parg;
3967
0
        return 1;
3968
3969
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3970
0
        *(void**)parg = ctx->ext.status_arg;
3971
0
        break;
3972
3973
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3974
0
        *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3975
0
        break;
3976
3977
0
#ifndef OPENSSL_NO_SRP
3978
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3979
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3980
0
        OPENSSL_free(ctx->srp_ctx.login);
3981
0
        ctx->srp_ctx.login = NULL;
3982
0
        if (parg == NULL)
3983
0
            break;
3984
0
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3985
0
            ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME);
3986
0
            return 0;
3987
0
        }
3988
0
        if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3989
0
            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3990
0
            return 0;
3991
0
        }
3992
0
        break;
3993
0
    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3994
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3995
0
            srp_password_from_info_cb;
3996
0
        if (ctx->srp_ctx.info != NULL)
3997
0
            OPENSSL_free(ctx->srp_ctx.info);
3998
0
        if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) {
3999
0
            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
4000
0
            return 0;
4001
0
        }
4002
0
        break;
4003
0
    case SSL_CTRL_SET_SRP_ARG:
4004
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4005
0
        ctx->srp_ctx.SRP_cb_arg = parg;
4006
0
        break;
4007
4008
0
    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
4009
0
        ctx->srp_ctx.strength = larg;
4010
0
        break;
4011
0
#endif
4012
4013
0
    case SSL_CTRL_SET_GROUPS:
4014
0
        return tls1_set_groups(&ctx->ext.supportedgroups,
4015
0
                               &ctx->ext.supportedgroups_len,
4016
0
                               parg, larg);
4017
4018
0
    case SSL_CTRL_SET_GROUPS_LIST:
4019
0
        return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups,
4020
0
                                    &ctx->ext.supportedgroups_len,
4021
0
                                    parg);
4022
4023
0
    case SSL_CTRL_SET_SIGALGS:
4024
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
4025
4026
0
    case SSL_CTRL_SET_SIGALGS_LIST:
4027
0
        return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 0);
4028
4029
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
4030
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
4031
4032
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
4033
0
        return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 1);
4034
4035
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
4036
0
        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
4037
4038
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
4039
0
        return ssl_build_cert_chain(NULL, ctx, larg);
4040
4041
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
4042
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
4043
4044
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
4045
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
4046
4047
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
4048
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 0);
4049
4050
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
4051
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 1);
4052
4053
        /* A Thawte special :-) */
4054
0
    case SSL_CTRL_EXTRA_CHAIN_CERT:
4055
0
        if (ctx->extra_certs == NULL) {
4056
0
            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
4057
0
                ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
4058
0
                return 0;
4059
0
            }
4060
0
        }
4061
0
        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
4062
0
            ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
4063
0
            return 0;
4064
0
        }
4065
0
        break;
4066
4067
0
    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
4068
0
        if (ctx->extra_certs == NULL && larg == 0)
4069
0
            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4070
0
        else
4071
0
            *(STACK_OF(X509) **)parg = ctx->extra_certs;
4072
0
        break;
4073
4074
0
    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
4075
0
        OSSL_STACK_OF_X509_free(ctx->extra_certs);
4076
0
        ctx->extra_certs = NULL;
4077
0
        break;
4078
4079
0
    case SSL_CTRL_CHAIN:
4080
0
        if (larg)
4081
0
            return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4082
0
        else
4083
0
            return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4084
4085
0
    case SSL_CTRL_CHAIN_CERT:
4086
0
        if (larg)
4087
0
            return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
4088
0
        else
4089
0
            return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
4090
4091
0
    case SSL_CTRL_GET_CHAIN_CERTS:
4092
0
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4093
0
        break;
4094
4095
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
4096
0
        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
4097
4098
0
    case SSL_CTRL_SET_CURRENT_CERT:
4099
0
        return ssl_cert_set_current(ctx->cert, larg);
4100
4101
0
    default:
4102
0
        return 0;
4103
0
    }
4104
0
    return 1;
4105
0
}
4106
4107
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
4108
0
{
4109
0
    switch (cmd) {
4110
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
4111
0
    case SSL_CTRL_SET_TMP_DH_CB:
4112
0
        {
4113
0
            ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4114
0
        }
4115
0
        break;
4116
0
#endif
4117
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4118
0
        ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
4119
0
        break;
4120
4121
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4122
0
        ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4123
0
        break;
4124
4125
0
# ifndef OPENSSL_NO_DEPRECATED_3_0
4126
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4127
0
        ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4128
0
                                          unsigned char *,
4129
0
                                          EVP_CIPHER_CTX *,
4130
0
                                          HMAC_CTX *, int))fp;
4131
0
        break;
4132
0
#endif
4133
4134
0
#ifndef OPENSSL_NO_SRP
4135
0
    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4136
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4137
0
        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4138
0
        break;
4139
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4140
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4141
0
        ctx->srp_ctx.TLS_ext_srp_username_callback =
4142
0
            (int (*)(SSL *, int *, void *))fp;
4143
0
        break;
4144
0
    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4145
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4146
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4147
0
            (char *(*)(SSL *, void *))fp;
4148
0
        break;
4149
0
#endif
4150
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4151
0
        {
4152
0
            ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4153
0
        }
4154
0
        break;
4155
0
    default:
4156
0
        return 0;
4157
0
    }
4158
0
    return 1;
4159
0
}
4160
4161
int SSL_CTX_set_tlsext_ticket_key_evp_cb
4162
    (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
4163
                             EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
4164
0
{
4165
0
    ctx->ext.ticket_key_evp_cb = fp;
4166
0
    return 1;
4167
0
}
4168
4169
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4170
0
{
4171
0
    SSL_CIPHER c;
4172
0
    const SSL_CIPHER *cp;
4173
4174
0
    c.id = id;
4175
0
    cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4176
0
    if (cp != NULL)
4177
0
        return cp;
4178
0
    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4179
0
    if (cp != NULL)
4180
0
        return cp;
4181
0
    return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4182
0
}
4183
4184
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4185
0
{
4186
0
    SSL_CIPHER *tbl;
4187
0
    SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs};
4188
0
    size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS,
4189
0
                              SSL3_NUM_SCSVS};
4190
4191
    /* this is not efficient, necessary to optimize this? */
4192
0
    for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4193
0
        for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4194
0
            if (tbl->stdname == NULL)
4195
0
                continue;
4196
0
            if (strcmp(stdname, tbl->stdname) == 0) {
4197
0
                return tbl;
4198
0
            }
4199
0
        }
4200
0
    }
4201
0
    return NULL;
4202
0
}
4203
4204
/*
4205
 * This function needs to check if the ciphers required are actually
4206
 * available
4207
 */
4208
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4209
0
{
4210
0
    return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4211
0
                                 | ((uint32_t)p[0] << 8L)
4212
0
                                 | (uint32_t)p[1]);
4213
0
}
4214
4215
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4216
0
{
4217
0
    if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4218
0
        *len = 0;
4219
0
        return 1;
4220
0
    }
4221
4222
0
    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4223
0
        return 0;
4224
4225
0
    *len = 2;
4226
0
    return 1;
4227
0
}
4228
4229
/*
4230
 * ssl3_choose_cipher - choose a cipher from those offered by the client
4231
 * @s: SSL connection
4232
 * @clnt: ciphers offered by the client
4233
 * @srvr: ciphers enabled on the server?
4234
 *
4235
 * Returns the selected cipher or NULL when no common ciphers.
4236
 */
4237
const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *clnt,
4238
                                     STACK_OF(SSL_CIPHER) *srvr)
4239
0
{
4240
0
    const SSL_CIPHER *c, *ret = NULL;
4241
0
    STACK_OF(SSL_CIPHER) *prio, *allow;
4242
0
    int i, ii, ok, prefer_sha256 = 0;
4243
0
    unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4244
0
    STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4245
4246
    /* Let's see which ciphers we can support */
4247
4248
    /*
4249
     * Do not set the compare functions, because this may lead to a
4250
     * reordering by "id". We want to keep the original ordering. We may pay
4251
     * a price in performance during sk_SSL_CIPHER_find(), but would have to
4252
     * pay with the price of sk_SSL_CIPHER_dup().
4253
     */
4254
4255
0
    OSSL_TRACE_BEGIN(TLS_CIPHER) {
4256
0
        BIO_printf(trc_out, "Server has %d from %p:\n",
4257
0
                   sk_SSL_CIPHER_num(srvr), (void *)srvr);
4258
0
        for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4259
0
            c = sk_SSL_CIPHER_value(srvr, i);
4260
0
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4261
0
        }
4262
0
        BIO_printf(trc_out, "Client sent %d from %p:\n",
4263
0
                   sk_SSL_CIPHER_num(clnt), (void *)clnt);
4264
0
        for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4265
0
            c = sk_SSL_CIPHER_value(clnt, i);
4266
0
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4267
0
        }
4268
0
    } OSSL_TRACE_END(TLS_CIPHER);
4269
4270
    /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4271
0
    if (tls1_suiteb(s)) {
4272
0
        prio = srvr;
4273
0
        allow = clnt;
4274
0
    } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4275
0
        prio = srvr;
4276
0
        allow = clnt;
4277
4278
        /* If ChaCha20 is at the top of the client preference list,
4279
           and there are ChaCha20 ciphers in the server list, then
4280
           temporarily prioritize all ChaCha20 ciphers in the servers list. */
4281
0
        if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4282
0
            c = sk_SSL_CIPHER_value(clnt, 0);
4283
0
            if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4284
                /* ChaCha20 is client preferred, check server... */
4285
0
                int num = sk_SSL_CIPHER_num(srvr);
4286
0
                int found = 0;
4287
0
                for (i = 0; i < num; i++) {
4288
0
                    c = sk_SSL_CIPHER_value(srvr, i);
4289
0
                    if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4290
0
                        found = 1;
4291
0
                        break;
4292
0
                    }
4293
0
                }
4294
0
                if (found) {
4295
0
                    prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4296
                    /* if reserve fails, then there's likely a memory issue */
4297
0
                    if (prio_chacha != NULL) {
4298
                        /* Put all ChaCha20 at the top, starting with the one we just found */
4299
0
                        sk_SSL_CIPHER_push(prio_chacha, c);
4300
0
                        for (i++; i < num; i++) {
4301
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4302
0
                            if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4303
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4304
0
                        }
4305
                        /* Pull in the rest */
4306
0
                        for (i = 0; i < num; i++) {
4307
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4308
0
                            if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4309
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4310
0
                        }
4311
0
                        prio = prio_chacha;
4312
0
                    }
4313
0
                }
4314
0
            }
4315
0
        }
4316
0
    } else {
4317
0
        prio = clnt;
4318
0
        allow = srvr;
4319
0
    }
4320
4321
0
    if (SSL_CONNECTION_IS_TLS13(s)) {
4322
0
#ifndef OPENSSL_NO_PSK
4323
0
        size_t j;
4324
4325
        /*
4326
         * If we allow "old" style PSK callbacks, and we have no certificate (so
4327
         * we're not going to succeed without a PSK anyway), and we're in
4328
         * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4329
         * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4330
         * that.
4331
         */
4332
0
        if (s->psk_server_callback != NULL) {
4333
0
            for (j = 0; j < s->ssl_pkey_num && !ssl_has_cert(s, j); j++);
4334
0
            if (j == s->ssl_pkey_num) {
4335
                /* There are no certificates */
4336
0
                prefer_sha256 = 1;
4337
0
            }
4338
0
        }
4339
0
#endif
4340
0
    } else {
4341
0
        tls1_set_cert_validity(s);
4342
0
        ssl_set_masks(s);
4343
0
    }
4344
4345
0
    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4346
0
        int minversion, maxversion;
4347
4348
0
        c = sk_SSL_CIPHER_value(prio, i);
4349
0
        minversion = SSL_CONNECTION_IS_DTLS(s) ? c->min_dtls : c->min_tls;
4350
0
        maxversion = SSL_CONNECTION_IS_DTLS(s) ? c->max_dtls : c->max_tls;
4351
4352
        /* Skip ciphers not supported by the protocol version */
4353
0
        if (ssl_version_cmp(s, s->version, minversion) < 0
4354
0
            || ssl_version_cmp(s, s->version, maxversion) > 0)
4355
0
            continue;
4356
4357
        /*
4358
         * Since TLS 1.3 ciphersuites can be used with any auth or
4359
         * key exchange scheme skip tests.
4360
         */
4361
0
        if (!SSL_CONNECTION_IS_TLS13(s)) {
4362
0
            mask_k = s->s3.tmp.mask_k;
4363
0
            mask_a = s->s3.tmp.mask_a;
4364
0
#ifndef OPENSSL_NO_SRP
4365
0
            if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4366
0
                mask_k |= SSL_kSRP;
4367
0
                mask_a |= SSL_aSRP;
4368
0
            }
4369
0
#endif
4370
4371
0
            alg_k = c->algorithm_mkey;
4372
0
            alg_a = c->algorithm_auth;
4373
4374
0
#ifndef OPENSSL_NO_PSK
4375
            /* with PSK there must be server callback set */
4376
0
            if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4377
0
                continue;
4378
0
#endif                          /* OPENSSL_NO_PSK */
4379
4380
0
            ok = (alg_k & mask_k) && (alg_a & mask_a);
4381
0
            OSSL_TRACE7(TLS_CIPHER,
4382
0
                        "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
4383
0
                        ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
4384
4385
            /*
4386
             * if we are considering an ECC cipher suite that uses an ephemeral
4387
             * EC key check it
4388
             */
4389
0
            if (alg_k & SSL_kECDHE)
4390
0
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
4391
4392
0
            if (!ok)
4393
0
                continue;
4394
0
        }
4395
0
        ii = sk_SSL_CIPHER_find(allow, c);
4396
0
        if (ii >= 0) {
4397
            /* Check security callback permits this cipher */
4398
0
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4399
0
                              c->strength_bits, 0, (void *)c))
4400
0
                continue;
4401
4402
0
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4403
0
                && s->s3.is_probably_safari) {
4404
0
                if (!ret)
4405
0
                    ret = sk_SSL_CIPHER_value(allow, ii);
4406
0
                continue;
4407
0
            }
4408
4409
0
            if (prefer_sha256) {
4410
0
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4411
0
                const EVP_MD *md = ssl_md(SSL_CONNECTION_GET_CTX(s),
4412
0
                                          tmp->algorithm2);
4413
4414
0
                if (md != NULL
4415
0
                        && EVP_MD_is_a(md, OSSL_DIGEST_NAME_SHA2_256)) {
4416
0
                    ret = tmp;
4417
0
                    break;
4418
0
                }
4419
0
                if (ret == NULL)
4420
0
                    ret = tmp;
4421
0
                continue;
4422
0
            }
4423
0
            ret = sk_SSL_CIPHER_value(allow, ii);
4424
0
            break;
4425
0
        }
4426
0
    }
4427
4428
0
    sk_SSL_CIPHER_free(prio_chacha);
4429
4430
0
    return ret;
4431
0
}
4432
4433
int ssl3_get_req_cert_type(SSL_CONNECTION *s, WPACKET *pkt)
4434
0
{
4435
0
    uint32_t alg_k, alg_a = 0;
4436
4437
    /* If we have custom certificate types set, use them */
4438
0
    if (s->cert->ctype)
4439
0
        return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4440
    /* Get mask of algorithms disabled by signature list */
4441
0
    ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4442
4443
0
    alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4444
4445
0
#ifndef OPENSSL_NO_GOST
4446
0
    if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4447
0
        if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4448
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4449
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN)
4450
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_SIGN)
4451
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_512_SIGN))
4452
0
            return 0;
4453
4454
0
    if (s->version >= TLS1_2_VERSION && (alg_k & SSL_kGOST18))
4455
0
        if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4456
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN))
4457
0
            return 0;
4458
0
#endif
4459
4460
0
    if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4461
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4462
0
            return 0;
4463
0
        if (!(alg_a & SSL_aDSS)
4464
0
                && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4465
0
            return 0;
4466
0
    }
4467
0
    if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4468
0
        return 0;
4469
0
    if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4470
0
        return 0;
4471
4472
    /*
4473
     * ECDSA certs can be used with RSA cipher suites too so we don't
4474
     * need to check for SSL_kECDH or SSL_kECDHE
4475
     */
4476
0
    if (s->version >= TLS1_VERSION
4477
0
            && !(alg_a & SSL_aECDSA)
4478
0
            && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4479
0
        return 0;
4480
4481
0
    return 1;
4482
0
}
4483
4484
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4485
0
{
4486
0
    OPENSSL_free(c->ctype);
4487
0
    c->ctype = NULL;
4488
0
    c->ctype_len = 0;
4489
0
    if (p == NULL || len == 0)
4490
0
        return 1;
4491
0
    if (len > 0xff)
4492
0
        return 0;
4493
0
    c->ctype = OPENSSL_memdup(p, len);
4494
0
    if (c->ctype == NULL)
4495
0
        return 0;
4496
0
    c->ctype_len = len;
4497
0
    return 1;
4498
0
}
4499
4500
int ssl3_shutdown(SSL *s)
4501
0
{
4502
0
    int ret;
4503
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4504
4505
0
    if (sc == NULL)
4506
0
        return 0;
4507
4508
    /*
4509
     * Don't do anything much if we have not done the handshake or we don't
4510
     * want to send messages :-)
4511
     */
4512
0
    if (sc->quiet_shutdown || SSL_in_before(s)) {
4513
0
        sc->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4514
0
        return 1;
4515
0
    }
4516
4517
0
    if (!(sc->shutdown & SSL_SENT_SHUTDOWN)) {
4518
0
        sc->shutdown |= SSL_SENT_SHUTDOWN;
4519
0
        ssl3_send_alert(sc, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4520
        /*
4521
         * our shutdown alert has been sent now, and if it still needs to be
4522
         * written, s->s3.alert_dispatch will be > 0
4523
         */
4524
0
        if (sc->s3.alert_dispatch > 0)
4525
0
            return -1;        /* return WANT_WRITE */
4526
0
    } else if (sc->s3.alert_dispatch > 0) {
4527
        /* resend it if not sent */
4528
0
        ret = s->method->ssl_dispatch_alert(s);
4529
0
        if (ret == -1) {
4530
            /*
4531
             * we only get to return -1 here the 2nd/Nth invocation, we must
4532
             * have already signalled return 0 upon a previous invocation,
4533
             * return WANT_WRITE
4534
             */
4535
0
            return ret;
4536
0
        }
4537
0
    } else if (!(sc->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4538
0
        size_t readbytes;
4539
        /*
4540
         * If we are waiting for a close from our peer, we are closed
4541
         */
4542
0
        s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4543
0
        if (!(sc->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4544
0
            return -1;        /* return WANT_READ */
4545
0
        }
4546
0
    }
4547
4548
0
    if ((sc->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
4549
0
            && sc->s3.alert_dispatch == SSL_ALERT_DISPATCH_NONE)
4550
0
        return 1;
4551
0
    else
4552
0
        return 0;
4553
0
}
4554
4555
int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4556
0
{
4557
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4558
4559
0
    if (sc == NULL)
4560
0
        return 0;
4561
4562
0
    clear_sys_error();
4563
0
    if (sc->s3.renegotiate)
4564
0
        ssl3_renegotiate_check(s, 0);
4565
4566
0
    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4567
0
                                      written);
4568
0
}
4569
4570
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4571
                              size_t *readbytes)
4572
0
{
4573
0
    int ret;
4574
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4575
4576
0
    if (sc == NULL)
4577
0
        return 0;
4578
4579
0
    clear_sys_error();
4580
0
    if (sc->s3.renegotiate)
4581
0
        ssl3_renegotiate_check(s, 0);
4582
0
    sc->s3.in_read_app_data = 1;
4583
0
    ret =
4584
0
        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4585
0
                                  peek, readbytes);
4586
0
    if ((ret == -1) && (sc->s3.in_read_app_data == 2)) {
4587
        /*
4588
         * ssl3_read_bytes decided to call s->handshake_func, which called
4589
         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4590
         * actually found application data and thinks that application data
4591
         * makes sense here; so disable handshake processing and try to read
4592
         * application data again.
4593
         */
4594
0
        ossl_statem_set_in_handshake(sc, 1);
4595
0
        ret =
4596
0
            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4597
0
                                      len, peek, readbytes);
4598
0
        ossl_statem_set_in_handshake(sc, 0);
4599
0
    } else
4600
0
        sc->s3.in_read_app_data = 0;
4601
4602
0
    return ret;
4603
0
}
4604
4605
int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4606
0
{
4607
0
    return ssl3_read_internal(s, buf, len, 0, readbytes);
4608
0
}
4609
4610
int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4611
0
{
4612
0
    return ssl3_read_internal(s, buf, len, 1, readbytes);
4613
0
}
4614
4615
int ssl3_renegotiate(SSL *s)
4616
0
{
4617
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4618
4619
0
    if (sc == NULL)
4620
0
        return 0;
4621
4622
0
    if (sc->handshake_func == NULL)
4623
0
        return 1;
4624
4625
0
    sc->s3.renegotiate = 1;
4626
0
    return 1;
4627
0
}
4628
4629
/*
4630
 * Check if we are waiting to do a renegotiation and if so whether now is a
4631
 * good time to do it. If |initok| is true then we are being called from inside
4632
 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4633
 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4634
 * should do a renegotiation now and sets up the state machine for it. Otherwise
4635
 * returns 0.
4636
 */
4637
int ssl3_renegotiate_check(SSL *s, int initok)
4638
0
{
4639
0
    int ret = 0;
4640
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4641
4642
0
    if (sc == NULL)
4643
0
        return 0;
4644
4645
0
    if (sc->s3.renegotiate) {
4646
0
        if (!RECORD_LAYER_read_pending(&sc->rlayer)
4647
0
            && !RECORD_LAYER_write_pending(&sc->rlayer)
4648
0
            && (initok || !SSL_in_init(s))) {
4649
            /*
4650
             * if we are the server, and we have sent a 'RENEGOTIATE'
4651
             * message, we need to set the state machine into the renegotiate
4652
             * state.
4653
             */
4654
0
            ossl_statem_set_renegotiate(sc);
4655
0
            sc->s3.renegotiate = 0;
4656
0
            sc->s3.num_renegotiations++;
4657
0
            sc->s3.total_renegotiations++;
4658
0
            ret = 1;
4659
0
        }
4660
0
    }
4661
0
    return ret;
4662
0
}
4663
4664
/*
4665
 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4666
 * handshake macs if required.
4667
 *
4668
 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4669
 */
4670
long ssl_get_algorithm2(SSL_CONNECTION *s)
4671
0
{
4672
0
    long alg2;
4673
0
    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
4674
4675
0
    if (s->s3.tmp.new_cipher == NULL)
4676
0
        return -1;
4677
0
    alg2 = s->s3.tmp.new_cipher->algorithm2;
4678
0
    if (ssl->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4679
0
        if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4680
0
            return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4681
0
    } else if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4682
0
        if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4683
0
            return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4684
0
    }
4685
0
    return alg2;
4686
0
}
4687
4688
/*
4689
 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4690
 * failure, 1 on success.
4691
 */
4692
int ssl_fill_hello_random(SSL_CONNECTION *s, int server,
4693
                          unsigned char *result, size_t len,
4694
                          DOWNGRADE dgrd)
4695
0
{
4696
0
    int send_time = 0, ret;
4697
4698
0
    if (len < 4)
4699
0
        return 0;
4700
0
    if (server)
4701
0
        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4702
0
    else
4703
0
        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4704
0
    if (send_time) {
4705
0
        unsigned long Time = (unsigned long)time(NULL);
4706
0
        unsigned char *p = result;
4707
4708
0
        l2n(Time, p);
4709
0
        ret = RAND_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, p, len - 4, 0);
4710
0
    } else {
4711
0
        ret = RAND_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, result, len, 0);
4712
0
    }
4713
4714
0
    if (ret > 0) {
4715
0
        if (!ossl_assert(sizeof(tls11downgrade) < len)
4716
0
                || !ossl_assert(sizeof(tls12downgrade) < len))
4717
0
             return 0;
4718
0
        if (dgrd == DOWNGRADE_TO_1_2)
4719
0
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4720
0
                   sizeof(tls12downgrade));
4721
0
        else if (dgrd == DOWNGRADE_TO_1_1)
4722
0
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4723
0
                   sizeof(tls11downgrade));
4724
0
    }
4725
4726
0
    return ret;
4727
0
}
4728
4729
int ssl_generate_master_secret(SSL_CONNECTION *s, unsigned char *pms,
4730
                               size_t pmslen, int free_pms)
4731
0
{
4732
0
    unsigned long alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4733
0
    int ret = 0;
4734
0
    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
4735
4736
0
    if (alg_k & SSL_PSK) {
4737
0
#ifndef OPENSSL_NO_PSK
4738
0
        unsigned char *pskpms, *t;
4739
0
        size_t psklen = s->s3.tmp.psklen;
4740
0
        size_t pskpmslen;
4741
4742
        /* create PSK premaster_secret */
4743
4744
        /* For plain PSK "other_secret" is psklen zeroes */
4745
0
        if (alg_k & SSL_kPSK)
4746
0
            pmslen = psklen;
4747
4748
0
        pskpmslen = 4 + pmslen + psklen;
4749
0
        pskpms = OPENSSL_malloc(pskpmslen);
4750
0
        if (pskpms == NULL)
4751
0
            goto err;
4752
0
        t = pskpms;
4753
0
        s2n(pmslen, t);
4754
0
        if (alg_k & SSL_kPSK)
4755
0
            memset(t, 0, pmslen);
4756
0
        else
4757
0
            memcpy(t, pms, pmslen);
4758
0
        t += pmslen;
4759
0
        s2n(psklen, t);
4760
0
        memcpy(t, s->s3.tmp.psk, psklen);
4761
4762
0
        OPENSSL_clear_free(s->s3.tmp.psk, psklen);
4763
0
        s->s3.tmp.psk = NULL;
4764
0
        s->s3.tmp.psklen = 0;
4765
0
        if (!ssl->method->ssl3_enc->generate_master_secret(s,
4766
0
                    s->session->master_key, pskpms, pskpmslen,
4767
0
                    &s->session->master_key_length)) {
4768
0
            OPENSSL_clear_free(pskpms, pskpmslen);
4769
            /* SSLfatal() already called */
4770
0
            goto err;
4771
0
        }
4772
0
        OPENSSL_clear_free(pskpms, pskpmslen);
4773
#else
4774
        /* Should never happen */
4775
        goto err;
4776
#endif
4777
0
    } else {
4778
0
        if (!ssl->method->ssl3_enc->generate_master_secret(s,
4779
0
                s->session->master_key, pms, pmslen,
4780
0
                &s->session->master_key_length)) {
4781
            /* SSLfatal() already called */
4782
0
            goto err;
4783
0
        }
4784
0
    }
4785
4786
0
    ret = 1;
4787
0
 err:
4788
0
    if (pms) {
4789
0
        if (free_pms)
4790
0
            OPENSSL_clear_free(pms, pmslen);
4791
0
        else
4792
0
            OPENSSL_cleanse(pms, pmslen);
4793
0
    }
4794
0
    if (s->server == 0) {
4795
0
        s->s3.tmp.pms = NULL;
4796
0
        s->s3.tmp.pmslen = 0;
4797
0
    }
4798
0
    return ret;
4799
0
}
4800
4801
/* Generate a private key from parameters */
4802
EVP_PKEY *ssl_generate_pkey(SSL_CONNECTION *s, EVP_PKEY *pm)
4803
0
{
4804
0
    EVP_PKEY_CTX *pctx = NULL;
4805
0
    EVP_PKEY *pkey = NULL;
4806
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4807
4808
0
    if (pm == NULL)
4809
0
        return NULL;
4810
0
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pm, sctx->propq);
4811
0
    if (pctx == NULL)
4812
0
        goto err;
4813
0
    if (EVP_PKEY_keygen_init(pctx) <= 0)
4814
0
        goto err;
4815
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4816
0
        EVP_PKEY_free(pkey);
4817
0
        pkey = NULL;
4818
0
    }
4819
4820
0
    err:
4821
0
    EVP_PKEY_CTX_free(pctx);
4822
0
    return pkey;
4823
0
}
4824
4825
/* Generate a private key from a group ID */
4826
EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id)
4827
0
{
4828
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4829
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(sctx, id);
4830
0
    EVP_PKEY_CTX *pctx = NULL;
4831
0
    EVP_PKEY *pkey = NULL;
4832
4833
0
    if (ginf == NULL) {
4834
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4835
0
        goto err;
4836
0
    }
4837
4838
0
    pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
4839
0
                                      sctx->propq);
4840
4841
0
    if (pctx == NULL) {
4842
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4843
0
        goto err;
4844
0
    }
4845
0
    if (EVP_PKEY_keygen_init(pctx) <= 0) {
4846
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4847
0
        goto err;
4848
0
    }
4849
0
    if (EVP_PKEY_CTX_set_group_name(pctx, ginf->realname) <= 0) {
4850
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4851
0
        goto err;
4852
0
    }
4853
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4854
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4855
0
        EVP_PKEY_free(pkey);
4856
0
        pkey = NULL;
4857
0
    }
4858
4859
0
 err:
4860
0
    EVP_PKEY_CTX_free(pctx);
4861
0
    return pkey;
4862
0
}
4863
4864
/*
4865
 * Generate parameters from a group ID
4866
 */
4867
EVP_PKEY *ssl_generate_param_group(SSL_CONNECTION *s, uint16_t id)
4868
0
{
4869
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4870
0
    EVP_PKEY_CTX *pctx = NULL;
4871
0
    EVP_PKEY *pkey = NULL;
4872
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(sctx, id);
4873
4874
0
    if (ginf == NULL)
4875
0
        goto err;
4876
4877
0
    pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
4878
0
                                      sctx->propq);
4879
4880
0
    if (pctx == NULL)
4881
0
        goto err;
4882
0
    if (EVP_PKEY_paramgen_init(pctx) <= 0)
4883
0
        goto err;
4884
0
    if (EVP_PKEY_CTX_set_group_name(pctx, ginf->realname) <= 0) {
4885
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4886
0
        goto err;
4887
0
    }
4888
0
    if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4889
0
        EVP_PKEY_free(pkey);
4890
0
        pkey = NULL;
4891
0
    }
4892
4893
0
 err:
4894
0
    EVP_PKEY_CTX_free(pctx);
4895
0
    return pkey;
4896
0
}
4897
4898
/* Generate secrets from pms */
4899
int ssl_gensecret(SSL_CONNECTION *s, unsigned char *pms, size_t pmslen)
4900
0
{
4901
0
    int rv = 0;
4902
4903
    /* SSLfatal() called as appropriate in the below functions */
4904
0
    if (SSL_CONNECTION_IS_TLS13(s)) {
4905
        /*
4906
         * If we are resuming then we already generated the early secret
4907
         * when we created the ClientHello, so don't recreate it.
4908
         */
4909
0
        if (!s->hit)
4910
0
            rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4911
0
                    0,
4912
0
                    (unsigned char *)&s->early_secret);
4913
0
        else
4914
0
            rv = 1;
4915
4916
0
        rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4917
0
    } else {
4918
0
        rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4919
0
    }
4920
4921
0
    return rv;
4922
0
}
4923
4924
/* Derive secrets for ECDH/DH */
4925
int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4926
0
{
4927
0
    int rv = 0;
4928
0
    unsigned char *pms = NULL;
4929
0
    size_t pmslen = 0;
4930
0
    EVP_PKEY_CTX *pctx;
4931
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4932
4933
0
    if (privkey == NULL || pubkey == NULL) {
4934
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4935
0
        return 0;
4936
0
    }
4937
4938
0
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, privkey, sctx->propq);
4939
4940
0
    if (EVP_PKEY_derive_init(pctx) <= 0
4941
0
        || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4942
0
        || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4943
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4944
0
        goto err;
4945
0
    }
4946
4947
0
    if (SSL_CONNECTION_IS_TLS13(s) &&  EVP_PKEY_is_a(privkey, "DH"))
4948
0
        EVP_PKEY_CTX_set_dh_pad(pctx, 1);
4949
4950
0
    pms = OPENSSL_malloc(pmslen);
4951
0
    if (pms == NULL) {
4952
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
4953
0
        goto err;
4954
0
    }
4955
4956
0
    if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4957
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4958
0
        goto err;
4959
0
    }
4960
4961
0
    if (gensecret) {
4962
        /* SSLfatal() called as appropriate in the below functions */
4963
0
        rv = ssl_gensecret(s, pms, pmslen);
4964
0
    } else {
4965
        /* Save premaster secret */
4966
0
        s->s3.tmp.pms = pms;
4967
0
        s->s3.tmp.pmslen = pmslen;
4968
0
        pms = NULL;
4969
0
        rv = 1;
4970
0
    }
4971
4972
0
 err:
4973
0
    OPENSSL_clear_free(pms, pmslen);
4974
0
    EVP_PKEY_CTX_free(pctx);
4975
0
    return rv;
4976
0
}
4977
4978
/* Decapsulate secrets for KEM */
4979
int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey,
4980
                    const unsigned char *ct, size_t ctlen,
4981
                    int gensecret)
4982
0
{
4983
0
    int rv = 0;
4984
0
    unsigned char *pms = NULL;
4985
0
    size_t pmslen = 0;
4986
0
    EVP_PKEY_CTX *pctx;
4987
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4988
4989
0
    if (privkey == NULL) {
4990
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4991
0
        return 0;
4992
0
    }
4993
4994
0
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, privkey, sctx->propq);
4995
4996
0
    if (EVP_PKEY_decapsulate_init(pctx, NULL) <= 0
4997
0
            || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
4998
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4999
0
        goto err;
5000
0
    }
5001
5002
0
    pms = OPENSSL_malloc(pmslen);
5003
0
    if (pms == NULL) {
5004
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
5005
0
        goto err;
5006
0
    }
5007
5008
0
    if (EVP_PKEY_decapsulate(pctx, pms, &pmslen, ct, ctlen) <= 0) {
5009
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
5010
0
        goto err;
5011
0
    }
5012
5013
0
    if (gensecret) {
5014
        /* SSLfatal() called as appropriate in the below functions */
5015
0
        rv = ssl_gensecret(s, pms, pmslen);
5016
0
    } else {
5017
        /* Save premaster secret */
5018
0
        s->s3.tmp.pms = pms;
5019
0
        s->s3.tmp.pmslen = pmslen;
5020
0
        pms = NULL;
5021
0
        rv = 1;
5022
0
    }
5023
5024
0
 err:
5025
0
    OPENSSL_clear_free(pms, pmslen);
5026
0
    EVP_PKEY_CTX_free(pctx);
5027
0
    return rv;
5028
0
}
5029
5030
int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey,
5031
                    unsigned char **ctp, size_t *ctlenp,
5032
                    int gensecret)
5033
0
{
5034
0
    int rv = 0;
5035
0
    unsigned char *pms = NULL, *ct = NULL;
5036
0
    size_t pmslen = 0, ctlen = 0;
5037
0
    EVP_PKEY_CTX *pctx;
5038
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
5039
5040
0
    if (pubkey == NULL) {
5041
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
5042
0
        return 0;
5043
0
    }
5044
5045
0
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pubkey, sctx->propq);
5046
5047
0
    if (EVP_PKEY_encapsulate_init(pctx, NULL) <= 0
5048
0
            || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
5049
0
            || pmslen == 0 || ctlen == 0) {
5050
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
5051
0
        goto err;
5052
0
    }
5053
5054
0
    pms = OPENSSL_malloc(pmslen);
5055
0
    ct = OPENSSL_malloc(ctlen);
5056
0
    if (pms == NULL || ct == NULL) {
5057
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
5058
0
        goto err;
5059
0
    }
5060
5061
0
    if (EVP_PKEY_encapsulate(pctx, ct, &ctlen, pms, &pmslen) <= 0) {
5062
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
5063
0
        goto err;
5064
0
    }
5065
5066
0
    if (gensecret) {
5067
        /* SSLfatal() called as appropriate in the below functions */
5068
0
        rv = ssl_gensecret(s, pms, pmslen);
5069
0
    } else {
5070
        /* Save premaster secret */
5071
0
        s->s3.tmp.pms = pms;
5072
0
        s->s3.tmp.pmslen = pmslen;
5073
0
        pms = NULL;
5074
0
        rv = 1;
5075
0
    }
5076
5077
0
    if (rv > 0) {
5078
        /* Pass ownership of ct to caller */
5079
0
        *ctp = ct;
5080
0
        *ctlenp = ctlen;
5081
0
        ct = NULL;
5082
0
    }
5083
5084
0
 err:
5085
0
    OPENSSL_clear_free(pms, pmslen);
5086
0
    OPENSSL_free(ct);
5087
0
    EVP_PKEY_CTX_free(pctx);
5088
0
    return rv;
5089
0
}
5090
5091
const char *SSL_get0_group_name(SSL *s)
5092
0
{
5093
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
5094
0
    unsigned int id;
5095
5096
0
    if (sc == NULL)
5097
0
        return NULL;
5098
5099
0
    if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
5100
0
        id = sc->s3.group_id;
5101
0
    else
5102
0
        id = sc->session->kex_group;
5103
5104
0
    return tls1_group_id2name(s->ctx, id);
5105
0
}
5106
5107
0
const char *SSL_group_to_name(SSL *s, int nid) {
5108
0
    int group_id = 0;
5109
0
    const TLS_GROUP_INFO *cinf = NULL;
5110
5111
    /* first convert to real group id for internal and external IDs */
5112
0
    if (nid & TLSEXT_nid_unknown)
5113
0
        group_id = nid & 0xFFFF;
5114
0
    else
5115
0
        group_id = tls1_nid2group_id(nid);
5116
5117
    /* then look up */
5118
0
    cinf = tls1_group_id_lookup(s->ctx, group_id);
5119
5120
0
    if (cinf != NULL)
5121
0
        return cinf->tlsname;
5122
0
    return NULL;
5123
0
}